Solutions White Papers

Intrusion Detection and Security Auditing in Oracle | PDF
Without real-time auditing and monitoring of data access, CIA (Confidentiality, Integrity, and Availability) is impossible to maintain. While there have been many discussions on the need to provide some level of auditing and monitoring of data access within databases, there is little information to help organizations define what the appropriate strategy is for them. This paper is based on "theoretical best-practices" combined with "real-world practicality" to define a usable policy for auditing and monitoring Oracle databases.

Security Auditing In Microsoft SQL Server | PDF
Without real-time auditing and monitoring of data, CIA is impossible to maintain. While there have been many discussions on the need to provide some level of auditing and monitoring, there is little information to help organizations define what the appropriate auditing and monitoring strategy is for them. This paper is based on "theoretical best-practices" combined with "real-world practicality" to define a usable policy for auditing and monitoring databases.

Vulnerability Assessment: The Right Tools to Protect Your Critical Data | PDF
Over the last several years, Vulnerability Assessment (VA) has become one of the hottest fields within the computer security market. VA tools are designed to detect and report on security holes within various software applications, allowing organizations to take corrective actions before a devastating attack occurs. This paper focuses on network-based VA tools and how they fit into the security infrastructure of protecting critical data.

Database IDS versus Traditional Network IDS | PDF
Traditionally, Intrusion Detection has been performed at the network perimeter, with a focus on detecting known attack signatures and behavioral anomalies. New to the market are IDS specific to the database. This paper focuses on the difference between traditional network IDS and database IDS and how they fit into the security infrastructure.