Industry’s first Behavioral Analysis based SQL injection defense
The trend today is toward using behavioral analysis to detect attack attempts
The SQL injection threat is so great, and has been around for more than 15 years, why has it remained unsolved for so long?
This EMA Vendor to Watch analysis discusses the unique characteristics of SQL injection protection vender DB Networks
Fifteen years on, organizations still struggle with the SQL injection threat.
DB Networks was a Gold winner in three 2013 Global Excellence Award categories at RSA -- Database Security, Firewalls, and New Product Launch.
This white paper examines how effective, real-time, protection of the database infrastructure requires a next generation Core IDS.
Learn how to identify your critical web application SQL statement generation vulnerabilities by instrumenting at the database tier.
Learn how behavioral analysis is being used to accurately detect advanced SQL injection attacks in real time.
In this video we examine why SQL injection has been a pervasive database security threat for over 15 years and how next generation complex behavioral analysis is addressing the threat.
DB Networks intelligent security appliances use complex behavioral analysis to immediately identify advanced database attacks. We protect the confidential data residing in your databases from falling into the hands of cybercriminals attacking you with advanced SQL injection techniques.
High level of sensitivity
DB Networks' novel detection approach has been field proven in identifying even the most highly obfuscated SQL injection attacks that slip easily through signature-based perimeter security devices. Even zero-day SQL injection attacks are immediately detected. This is because all SQL injection attacks deviate from the normal behavior of the SQL statements created by the application.
Substantially lower false positives
The process begins by automatically learning and modeling the application's proper SQL generation behavior. DB Networks' technology then uses a suite of algorithms to independently test and evaluate each SQL statement against the learned behavioral model. Fuzzy logic is applied to determine the overall threat of each SQL statement. This technique has proven to be extremely accurate while producing very few false positives.
An incredibly short learning cycle offers rapid time to protection. Typically an application creates enough SQL statements in a single day for the product to build a viable behavioral model. Additional SQL statements can be learned later if the application changes.