|
Intrusion Detection for Database Tech |
|
|
|
Source: Sci-Tech Today - Posted by Pax Dickinson
|
Application security differs from network and host security. The applications vary but the attacker's goal is always the same -- to access the database. Since applications use SQL to communicate with the database, a good application IDS parses SQL, providing an objective layer of protection that understands the traffic yet remains independent of the application.
Applications and their back-end databases are increasingly exposed to application-level intrusions, such as SQL injection, cross-site scripting attacks and access by unauthorized users -- all of which bypass front-end securityRelevant Products/Services from Messagelabs systems and attack data at its source.
What has emerged in response is a new level of security -- application security -- that implements traditional network- and operating system-level intrusion-detection system (IDS) concepts at the database Latest News about database (that is, application) level.
Unlike generic network or operating system solutions, application IDS provides active, SQL-specific protection and monitoring, protecting thousands of prepackaged and homegrown Web applications. For example, application IDSs monitor and defend critical data against database-specific attacks such as buffer overflows and Web application attacks, and will also audit these events.
Read this full article at Sci-Tech Today
Powered by AkoComment! |
