Story image

Trustwave brings database security scanning to the cloud

02 May 2019

Trustwave has announced a new database security scanning and testing software that helps organisations better protect critical data assets hosted on-site or by major cloud service providers from advanced threats, configuration errors, access control issues, unauthorised privilege escalation, missing patches and more.

“Databases are the proverbial ‘bank vaults’ cybercriminals aim to crack leveraging malware, zero-day vulnerabilities, savvy social engineering and other sophisticated means,” says Trustwave product management senior vice president C.J. Spallitta.

“As businesses continue expanding globally, obtain new assets through acquisitions and adopt mixed computing models to control costs, maintaining data visibility while keeping pace with an evolving threat landscape becomes a challenge.”

Trustwave DbProtect is a scalable comprehensive database security platform that delivers real-time visibility and protection to data housed across an organisation’s footprint no matter what environment or a mix of environments the data traverses or resides.

The software offers compliance management capabilities through constant monitoring for unusual data behaviours indicative of a breach or policy violations.

New features in Trustwave DbProtect include:    

  • Support for major cloud providers --Trustwave DbProtect allows customers to protect big data stores across (and in between) major cloud services including Amazon Web Services, Amazon Relational Database Service, Microsoft Azure, Google Cloud Platform, GovCloud, FedCloud and others supporting Windows Server. Organisations choosing to host operations entirely in the cloud benefit by eliminating the need to have a locally installed management console and backend database servers.
     
  • Powerful database discovery and agentless scanning --Trustwave DbProtect quickly discovers all databases and associated objects, users and enabled security features across an organisation’s entire footprint and chosen deployments including on-premises, hosted and hybrid cloud. An agentless scanning feature eliminates the need for scanner installation on each individual database in favour of a single scanning engine that can connect and administer vulnerability and rights management scans on thousands of databases simultaneously.
     
  • Cybersecurity risk and compliance infraction reduction --Trustwave DbProtect identifies data leakage, misconfigurations, access control issues, missing patches, unauthorised data modifications and other concerns that put organisations at risk for breaches and associated steep fines for non-compliance. Organisations can collect and correlate a forensic audit trail of all privileged database activities to meet regulatory obligations effectively.   
     
  • Real-time alerting for threats and policy violations -- Organisations gain a picture on the state of their data security and compliance efforts at any point in time. Once a baseline is established, Trustwave DbProtect continuously monitors for new threats and data policy violations alerting information technology and security teams. Detailed analysis and ranking depending on the severity of each instance are given allowing internal teams to prioritise and properly plan to take appropriate corrective actions.
     
  • Single dashboard view and reporting -- Trustwave DbProtect delivers a single consolidated view of threats, vulnerabilities, perceived risks and compliance endeavours across the entire data environment. Using analytics, database administrators can drill down for detailed views of each individual database or group of databases to run reports against an established baseline charting progress and operational efficiencies. 
Forget endpoints—it’s time to secure people instead
Security used to be much simpler: employees would log in to their PC at the beginning of the working day and log off at the end. That PC wasn’t going anywhere, as it was way too heavy to lug around.
DimData: Fear finally setting in amongst vulnerable orgs
New data ranking the ‘cybermaturity’ of organisations reveals the most commonly targeted sectors are also the most prepared to deal with the ever-evolving threat landscape.
IXUP goes "post-quantum" with security tech upgrade
The secure analytics company has also partnered with Deloitte as a reseller, and launched a SaaS offering on Microsoft Azure.
NZ businesses are leaving themselves vulnerable to cyber threats
Barely six per cent of business and companies in New Zealand have adequate cyber protection.
InPhySec forges partnership to tackle NZ cybersecurity market
The Kiwi managed security services provider is partnering with CrowdStrike to bring its endpoint protection solution to its customers.
Infoblox appoints channels head for A/NZ
Kenneth Cartwright’s appointment extends Infoblox’s position in secure cloud-managed network services throughout the region.
Chch crypto exchange Cryptopia facing liquidation
It seems that Christchurch-based cryptocurrency exchange Cryptopia has been unable to recover after malicious cyber attackers stole around $20 million worth of cryptocurrency.
ExtraHop’s new partner program for enterprise security
New accreditations and partner portal enable channel partners to fast-track their expertise and build their security businesses.