GreenSQL’s database firewall enables administrators to define permissions for viewing or updating individual databases, tables or columns. Database, table and column-level access permissions may be based on any combination of database user, IP address, client application and time of day. By implementing role –based access to sensitive information, Green SQL’s security software Database Firewall prevents information theft and eases compliance with a lot of regulations such as PCI-DS and HIPAA.

Due to the fact that GreenSQL functioning as a proxy to the database, end users and applications never have direct access to the database operating system. This prevents any type of attack to exploit vulnerabilities in the operating system. This is also able to prevent problematic or suspicious requests from …

Read More →


DataSunrise data masking restricts sensitive data within a database from exposure to non-privileged users. This prevention of unauthorized access to sensitive data is done by creating a structurally similar but inauthentic data to provide it for some external services. This is to protect the sensitive data from being exposed to the wrong people, it maintain the security of the data within the database.

In proxy mode DataSunrise is able to monitor SQL statements that database clients send to a database and hide original data with random or predefined data. DataSunrise supports data masking in proxy mode only. It evaluates each SQL statement by using the list of rules in order or rule priority. DataSunrise then executes the first rule …

Read More →

Fortidb Database firewall is a multinational corporation founded in the year 2000 by brothers Ken and Michael Xie. The company sells high performance network security products and services including their flagship integrated network security solutions, the FortiGate firewall. Fortidb database firewall offers some products which include;

FortiGate Firewall Platform

This is the Fortinet’s flagship integrated network security solution. The FortiGate offers data center firewall (DCFW), unified thread management (UTM) and next generation firewall (NGFW) technologies including:

  • Firewall
  • Virtual Private Network (VPN)
  • Application Control
  • Anti-malware
  • Intrusion Prevention
  • Web Filtering
  • Vulnerability Management
  • Anti-Spam
  • Wireless Controller
  • Wide Area Network Acceleration

The FortiGate appliances makes use of FortiASIC technology, an application specific integrated circuit designed for accelerated processing of security and networking functions, a …

Read More →

This is an object relational database management system that mainly emphasizes on extensibility and on standards-compliance. It being a database server its primary function is to store data securely supporting best practices, and to allow for retrieval at the request of other software applications. PostgreSQL boast of being able to handle workloads ranging from small single-machine application to large internet-facing applications with many concurrent users.

PostgreSQL implements majority of the SQL: 2011 standard that is its acid compliant and transactional hence avoiding locking of issues using multi-version concurrency control. It’s also able to provide immunity to dirty reads and full serializability. It handles complex SQL queries too using many indexing methods that are not available in other databases.

In addition …

Read More →

The oracle data guard forms an extension of the oracle relational database management system (RDBMS). It mainly aids in the establishing and maintaining of secondary databases “standby databases” as an alternative or supplementary repositories to production of “primary databases”. Oracle provides with both graphical user interface (GUI) and command–line tools for managing data guard configurations.

Data guard provides both physical standby and logical standby sites. Oracle corporation makes Data guard available only as a bundled feature included within its “enterprise edition” of the oracle RDBMS. With appropriate set-up of Data guard operations, database administrators can facilitate failovers or switchovers to alternative hosts in the same or alternative locations.

For the purpose of Data guard, each Oracle database functions either in …

Read More →

It is not very possible for an organization to maintain its security if it does not have full control over what is happening in its database. Imperva SecureSphere Database firewall proactively protects your data by monitoring all traffic, discovered and remediating unpatched database servers and blocking advanced targeted attacks.

SecureSphere Database Firewall enables one to avoid expensive breaches by effectively protecting databases from attacks, data theft and loss. SecureSphere inhibits some major key capabilities such as the following:

Monitoring All Traffic for Protection and Compliance

The firewall confidently identify and document suspicious and non-compliant behavior. It provides an organization with the knowledge of all the facts. Even with a high volume of database traffic, SecureSphere operates like a video camera, …

Read More →

SQL injection techniques are an increasingly becoming a dangerous threat to the security of information stored upon any Oracle database. Oracle is a huge product and SQL injection can be applied to many of its modules, languages and APIs making oracle database likely to be susceptible to SQL injection attacks.

SQL injection attacks can be easily defeated with simple programming changes, however, developers must always ensure to be discipline enough to apply some important methods to every web accessible procedure and function.

Every dynamic SQL statement must be protected because a single unprotected SQL statement can result in compromising of the application, data or database server. Some of this important methods are:

Bind Variables

The most powerful and advisable protection …

Read More →

Dynamic data masking limits sensitive data exposure by masking it to non-privilege users. Dynamic data masking is able to prevent unauthorized access to sensitive data by enabling customers to designate how much of the sensitive data to reveal with minimal impact on the application layer. It is a security feature that hides the sensitive data in the result set of a query over a designated database fields, while the data in the database is not changed.

Dynamic data masking has an advantage for it is very easy to use with existing applications since most of the masking rules are applied in the query results. Many applications can mask sensitive data without modifying existing queries at all thus the simplicity of …

Read More →

This article is to try and enable you to understand the basis of an SQL attack. It gives us the view of how attackers take advantage of SQL injection vulnerabilities and prevention tactics one should use when facing an SQL attack or on how one can be able to detect a SQL attack quickly.

SQL Injection Scanner

Because an SQL injection attack basically exploits vulnerable Web applications and database code, the best way to prevent this is by resolving the code’s vulnerability. Any place where a code dynamically generates SQL query using data from an external source should be closely checked.

This can be done best (especially when looking at on larger projects) by the use of an automatic source …

Read More →

This is the process of obscuring or masking specific data within a database to prevent it from security breaches. This masking enables the securing of the sensitive data. Such sensitive data include information like a customers’ identification number which need to be protected from unauthorized personnel.

Oracle Data masking enables organizations to comply with data privacy and protection mandates that restrict the use and sharing of private, sensitive or personally identifiable information. With oracle data masking sensitive information can be replaced with realistic values, allowing production data to be safely used for the development, sharing or testing with out-sourcing partners or off-shore teams for other non-production purposes.

Advantages of Oracle Database Masking.

  • Oracle data masking involves sensitive data discovery and
Read More →