DBSEC Cloud Database Audit (DBAudit-EnCloud for short) is a cloud database security audit product launched as users apply to the cloud and face challenges in cloud data security. DBAudit-EnCloud combines traditional products with a cloud environment based on years of offline database security technology accumulation to form a security management tool integrating security, diagnosis and maintenance capabilities for database operation and security managers in a cloud environment.
DBAudit-EnCloud implements auditing of cloud-based self-built databases, cloud database services, and Hadoop big data access processes and behavior. It has application user-related audit functions; it has real-time monitoring capabilities for risk conditions, operating conditions, performance conditions, and statement distribution.
DBAudit-EnCloud realizes cloud data auditing products that are rapidly deployed and easily maintained through a database-based interface language, intelligent protocol recognition, visual operation status presentation, and risk tracking capabilities that can be interactively drilled down.
This product is delivered as an image, and users can independently install it on their own cloud host. The product helps users achieve the following values:
1) Meet compliance requirements
Through cloud auditing, each user's behavior, suspicious operations, and alarm notifications can be carried out, operation records can be completely analyzed, and monitoring of the audit process can be provided. Audit records are prevented from being deleted maliciously, and are automatically archived. Logs can be kept for more than six months, and the identity of each application user can be traced through app-related audits. Help enterprises meet the requirements of Level 3 Insurance and the Cybersecurity Law.
2) Security incident investigation
It provides database operation records and post-mortem analysis capabilities in various dimensions such as statements, sessions, IP, database users, business users, response time, influence lines, etc., and becomes a reliable basis and source for tracking after a security incident.
Through the accurate correlation between SQL behavior and business users, database access behavior can be effectively targeted at business workers, and can be effectively held accountable and determined.
3) Database performance diagnosis
Shows the operating status of the database, database access traffic, concurrent throughput, and response speed of SQL statements in real time; provides analysis of inefficient statements and most visited statements to help operation and maintenance personnel perform performance diagnosis.
4) Discover the backdoor of the program
The system provides SQL learning and SQL whitelisting capabilities to implement SQL modeling of business systems; through modeling of legal system behavior, backdoor programs hidden in the software system can provide real-time alerting capabilities at startup, reducing data leakage losses.
5) Database attack response
The system provides database risk alerting capabilities, and provides real-time alerting capabilities for risk behaviors such as SQL injection, database vulnerability attacks, excessive data downloads, and dangerous SQL statements (such as no where delete).
When the product is deployed, it must be at least outside the system disk, and at least a 500G data disk is required to boot properly.
This product supports the BYOL method and comes with a 7-day free trial license. You can call the technical support hotline 400 923 1376 for help.