Database Cyber Security Guard's User and Entity Behavior Analytics (UEBA) and Deep Packet Inspection (DPI) prevents data theft from Zero Day, Ransomware, Data Breach, Hacker, Supply Chain, Rogue Insider, 3rd Party Cyber Risk, Phishing Email, Dev Ops Exploit and SQL Injection Attacks. Would have detected LOG4j and SUNBURST immediately. Protects DB2, Informix, MariaDB, MySQL, Oracle, PostgreSQL, SQL Server and Sybase database data. A next generation DLP product.

- Recent Data Breaches and Ransomware Attacks-

LoanDepot Data Breach Impacted 16 Million Customers
January 22, 2024. LoanDepot a leading provider in the loan and mortgage industry reported a significant cybersecurity breach impacting approximately 16.6 million customers. Customers had their sensitive personal information stolen by Hackers.
MongoDB Corporate Databases were Breached
December 16. 2023. MongoDB announced its corporate databases were breached and that customer data was accessed by Hackers. The unauthorized access had been going on for some time before being discovered..
Caesars Loyalty Program Database Stolen by Hackers
September 14, 2023. Caesars the largest U.S. casino chain paid a $15 million ransom to avoid the online leak of its loyalty program database. Customer driver license and social security numbers were stolen by Hackers in a recent cyberattack.
MSSQL Databases Hacked by DB#JAMMER
September 01, 2023. MSSQL Databases hacked by DB#JAMMER. After infiltration Hackers expand their foothold within the target system and use MSSQL as a beachhead to launch several different payloads.
LastPass Massive Data Breach
March 7, 2023. Hackers stole partially encrypted password vault data and customer information.
Cybersecurity Firm Cisco Hacked
August, 2022. Cisco joins Twillo and Cloudfare that were breached by the Cyber criminals they seek to defend against.
Log4j Places Millions at Risk to a Data Breach
December, 2021. Cybersecurity officials fear devastating cyberattacks following discovery of a flaw in the widely-used Java-based software Log4j. The flaw risks data breaches to user data at any company employing it on their servers.
Oracle Delivers 390 Security Fixes
April 2021. Oracle released 390 new security fixes including patches for more than 200 bugs that could be exploited remotely without authentication. The security patches addresses a total of 41 vulnerabilities considered critical severity including 5 that feature a CVSS score of 10. The more severe of these could be exploited to execute code remotely potentially resulting in full system compromise.
SAP's 18 Security Fixes for Sybase
May, 2020. Sybase ASE is used by SAP products and 30,000 organizations worldwide. 90% of the top 50 banks and security firms use ASE. 4 of the 18 security fixes had a CVSS 8+ score. One fix allowed any user of a database regardless of their permission to gain Administrator access to the entire database.
Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers
April, 2020. Researchers uncovered a malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other malware, including remote access tools and cryptominers.

1 of 2. Anatomy of a Data Breach by Hackers

Step 1. Hacker Gains Access to an Organization's Network
How? Hacker or Rogue Insider gains access to your organization's network via Zero Day Attacks, legitimate credentials obtained from using phishing, compromised credentials, etc. Remember Equifax, Uber, Yahoo and many more that were recently hacked. Hacker now logs into production database server with stolen credentials.
Step 2. Hacker Begins to Steal Confidential Database Data.
Hacker issues the SQL query 'SELECT * FROM CUSTOMER_CREDIT_CARDS'. This query returns all customer credit card data. If the CUSTOMER_CREDIT_CARDS table contained 50 million credit cards then 50 million rows of data would be sent across the network to the Hacker.
What Sql Power Tools Would Do
Refer to the below slider 'How Data Theft is Prevented by Sql Power Tools'. Product would immediately recognize that the SQL query has NEVER before been issued for this database from our ADVANCED SQL BEHAVIORAL ANALYSIS of 100% of the query and SQL activity. Also that the SQL query was issued from a IP address that has NEVER accessed the database in the past. Finally that NO applications on this database in the past have EVER queried 50 million rows of data. Hacker theft of confidential data is DEFINITELY in progress. We would immediately a) ALERT the Security Team with the details and b) TERMINATE the HACKER session so that confidential data is not stolen.

2 of 2. How Data Breaches are Prevented by Sql Power Tools

Protects Informix, MySQL, Oracle, SQL Server & Sybase confidential database data from Hackers and Rogue Insiders

Step 1. Hacker Gains Access to Organization's Network
Hacker or Rogue Insider logs into a database server with valid credentials. If the login was submitted from an IP address that NEVER previously logged into the server the Security Team is immediately notified. This is suspicious activity.
Step 2. Hacker Query is Immediately Observed
Product's ADVANCED SQL BEHAVIORAL ANALYSIS of the query and SQL activity product knows that the Step 2 query (SELECT * FROM CUSTOMER CREDIT CARDS) or any form of SQL Injection has NEVER before been sent to this database. Also that the hacker IP address has never logged into the database and that no applications running on this database have EVER queried 50 million rows of data. An email alert is IMMEDIATELY sent to the Security Team with the supporting details along with the SQL code the Hacker used. The HACKER session is immediately terminated by the product since a data breach is DEFINITELY occurring.

Product Architecture

Data Breach Prevention Features

- 1 -
- 2 -
- 3 -

Product Screenshots

Setup Wizard Protects Databases in a few Minutes.
Specify Data Breach Alert Criteria.
Real-time Dashboard of Hacker Activity.
View a Dashboard summary of hacker database activity over any time period. Double click on a database instance to view all database SQL hackers or rogue insiders issued prior to being shutdown.
Real-time Data Breach Email Alerts.
Also view hacker or rogue insider activity across the server farm over any time period.
View all Hacker Database Activity.
Hacker sessions detected and terminated over last 30 days when attempting to steal confidential database data.

Product Setup and Operation

Step 1 of 4. Install Product
Install product in 15 minutes. Setup wizard creates product repository, real-time data breach alerts and configures Database Cyber Security Guard. Typically install on a Linux or Windows server. All database environments may be protected.
Step 2 of 4. Capture SQL Activity
Database Cyber Security Guard Agent non-intrusively captures two days of database instance SQL activity for the Advanced SQL Behavioral Analysis of database queries and SQL. Agent never connects to protected database instance. Performed at initial setup.
Step 3 of 4. Advanced SQL Behavioral Analysis
Advanced SQL Behavioral Analysis on the Step 2 captured database queries and SQL. Product learns what the normal query patterns and application behaviors are with the IP address every unique query was sent from plus the maximum data sent for each unique query. Most databases have 2,000 to 20,000 unique queries that run millions of times a day. Performed at initial setup.
Step 4 of 4. Real-time Protection of Database Data From Hackers
7x24 all database queries are checked in real time against the learned query patterns. Never before observed queries, queries sent from unknown IPs or sending a never before observed amount of data are known within milliseconds. Security team will know immediately when rogue insiders or hackers have penetrated the network and are attempting to steal confidential database data.
Product protects credit card, tax ID, medical, social media, corporate, manufacturing, law enforcement, defense, homeland security and public utility database data. Sends real-time alerts when never before database queries or IP addresses are observed; or excessive database data has been sent. Terminates Hacker session immediately. View all Hacker sessions with the database queries they issued plus the data Hacker attempted to steal. Product ROI is immediate.

© Copyright 2024 Sql Power Tools, Inc. All rights reserved.

Contact us:   (800) 733-5978