Click here to receive your FREE subscription to Campus Technology
News
Hedgehog 1.2 Adds Context-Based SQL Injection Security
11/30/2007
Sentrigo has enhanced its Hedgehog database monitoring software to identify SQL injection security problems in database built-in packages. SQL injections in packages have represented the lion's share of database exploits in recent years, according to the company.
The security solution provider claims that its Hedgehog 1.2 solution can spot difficult-to-detect SQL injections, especially unknown ones, thereby helping to avoid potential "zero-day" attacks.
Sentrigo's literature explains that Hedgehog 1.2 accomplishes its SQL exploit detection via a method it calls "context-based SQL injection detection."
Rather than track the signatures of known injections, Hedgehog monitors database activity, such as actions run by packages, triggers and stored procedures. To detect unknown injections, Hedgehog examines the context from which SQL statements originate, as well as the types of commands used and the user's access privileges.
Hedgehog can detect improper commands. For instance, when a package has the definer rights of a privileged user and initiates a command that is incongruent with its intended use, Hedgehog will recognize this as a manipulation via SQL injection. Because the software monitors the database memory, it can detect these instances when they occur. The solution is capable of tracking activity from outside attackers, as well as threats from the inside.
Hedgehog 1.2 is currently available from the Sentrigo Web site.
David Kopf is a freelance technology writer and marketing consultant. He can be reached at david@dkcopy.com.
Cite this Site
copy text (above) for proper citation
Recommended Reading
- Tufts Grants Rights for Mileage-Increasing Transportation Technology to Electric Truck
Tufts University has optioned rights to a technology that can recharge the batteries of any hybrid electric and electric-powered vehicle while it is driven. The Tufts-developed technology could increase by 20 percent to 70 percent the miles per gallon or total driving range performance of vehicles like the Honda Civic, Ford Escape, and Toyota Prius hybrids and the Tesla Motors and Phoenix Motorcars electric vehicles.
- U Florida and Cyntellect Collaborate to Unlock Mysteries of Cancer Stem Cells
The University of Florida has entered into a research agreement with life sciences company Cyntellect. The university's Interdisciplinary Center for Biotechnology Research will work with the company to focus on a variety of research areas including the purification and analysis of cancer stem cells (CSCs), rare cells believed to be directly involved in propagating cancers.
- George Mason U Receives Grant To Deploy Intergraph Apps for Intelligence Curriculum
George Mason University (GMU) in Fairfax, VA has been awarded a grant from Intergraph to enable students enrolled in GMU's Geospatial Intelligence Graduate Certificate program to use the company's geospatial production and exploitation software as part of their core curriculum.
- Institute for Cyber Security at U Texas, San Antonio Opens Incubator
The University of Texas at San Antonio (UTSA) Institute for Cyber Security (ICS) has launched a new Internet security incubator. The incubator was developed to commercialize promising technologies that address major cyber security and privacy issues. The first companies to enter the incubator are Denim Labs and SafeMashups.
- ISO/IEC Publishes Office Open XML Standard
ISO/IEC has published the Office Open XML (OOXML) file format standard, formally known as ISO/IEC 29500:2008. It describes file formats originally designed by Microsoft for its Office 2007 productivity suite, which are used in presentation, spreadsheet and word processing applications.
- Dynamics NAV 2009 ERP Coming Next Month
Microsoft exec Kirill Tatarinov Wednesday described some new features to expect in the forthcoming Microsoft Dynamics NAV 2009 enterprise resource planning solution. He gave the keynote address at Microsoft's Convergence 2008 event in Copenhagen, Denmark.
