The database security and compliance company on Monday is unveiling SQL Guard PCI (Payment Card Industry) Accelerator. PCI is a standard designed to ensure that companies safeguard databases against network-based credit card information breaches and identity theft.
The SQL Guard PCI Accelerator module is delivered on Guardium Inc.'s SQL Guard Platform, a standalone device that sits in front of databases.
This device monitors any database access activity, from outside or inside the network, before transactions have a chance to hit the actual database.
According to Nate Kalowski, Guardium's vice president of corporate marketing, because this network device sits outside the database itself, it has no effect on database performance.
The device provides continuous, real-time monitoring, forensic analysis and alerting to inappropriate access.
Amit Yoran, a Guardium board member and recent Cyber Security Chief for the Bush Administration, said that Guardium is filling a hole in security technology, where database security is poorly understood.
Yoran said that in his experience, both in the private sector and in the Department of Homeland Security, while databases constitute the most sensitive information assets companies have, they're also the least understood technology stack component in the security industry.
"Databases, once they're developed, they're moved out of the development environment and put into the operational environment and stuck behind the firewall where some ports may be opened, but there's a poor understanding of what's happening in the database, what ports should be open, what type of information flows, what types of calls access what type of information and what information is leaving the perimeter … into the rest of the world or the rest of the corporate intranet," he said.
Security in general doesn't do a very good job of protecting databases, he said, and that area is where the next generation of technologies is appearing in companies like Guardium.
Pete Lindstrom, research director at Spire Security LLC, agreed that what Guardium is doing is the "hard stuff in security"—trying to find "a needle in a haystack."
"You take a bunch of legitimate activity and try to find out something that looks wrong and flag that," he said.
The problem is that there are many fairly easy ways to gain legitimate credentials to access a database, Lindstrom said, such as keystroke logging. Legitimate accessing of a database doesn't get caught by many security technologies. Guardium's technology can come into play in such situations because it monitors database activity, looking for and flagging anomalous behavior, Lindstrom said.
Guardium competes against compliance and database security vendors such as Lumigent Technologies, IPlocks Inc., Tizor and AppSecInc. What Lindstrom likes about Guardium in comparison to the competition, he said, is that it works on the network, aggregating multiple databases' activity.
"There's no hit on the database itself," he said. "They're just pulling stuff off the wire. That architecture alone means that, for example, if you're having a hard time convincing a database administrator on the issue of security," you can probably convince him or her that database performance won't suffer with Guardium technology, he said.
The SQL Guard platform supports IBM, Oracle Corp., Microsoft Corp. and Sybase Inc. databases. It allows for database access monitoring, firewalling and auditing from one platform. Task-oriented application modules automate aspects of database security, auditing, regulatory compliance and identity theft prevention.
Available on Monday, the PCI Accelerator module set includes the Accelerator module, SQL Guard Security Suite and SQL Guard platform. Pricing starts at $50,000.