Database Cyber Security Guard's Deep Packet Inspection (DPI) prevents data theft by Ransomware Data Exfiltration, Hacker, Supply Chain, Rogue Insider, Zero Day, 3rd Party Cyber Risk, Phishing Email, Dev Ops Exploit and SQL Injection Attacks. Would have detected LOG4j and SUNBURST immediately. Protects DB2, Informix, MariaDB, MySQL, Oracle, PostgreSQL, SQL Server and Sybase database data. A next generation DLP product.

- Recent Data Breaches and Ransomware Attacks -

CommonSpirit Health with 140 Hospitals Breached
November 11, 2022. Twenty million Americans are at risk of 'dangerous' healthcare after a cyberattack at one of the US's largest hospital chains.
Medibank Largest Health Insurance Provider in Australia
November 7, 2022. Hacker claimed to have stolen the data on 9.7 million customers. Medibank confirmed that 500,000 health claims had been stolen in a data breach.
Kiwi Farms Forum Hacked
September 19, 2022. Emails, IP addresses and passwords were stolen. Hacker obtained the administrator credentials to the website via session hijacking.
American Airlines Data Breach
September 16, 2022. Data breach occurred in July of 2022. Approximately 1,700 employees' and customers' data was exposed in the breach as a result of a phishing attack.
Uber’s Private Slack Channel Breached
September 15, 2022. Hackers gained full access to Uber’s internal databases and source code. They were able to successfully get past Uber’s multi-factor authentication.
U-Haul Data Breach
September 12, 2022. Customers' names and driver's licenses were stolen. Hackers gained access to rental contracts from November 2021 to April 2022.
Cybersecurity Firm Cisco Hacked
August, 2022. Cisco disclosed the data breach. Hackers posted Cisco data to the Dark Web in August, 2022. Cisco joins Twilio and Cloudflare, which were breached by the Cybercriminals they seek to defend against.
LastPass Breached 2nd Time
August, 2022. LastPass, one of the largest password managers in the world confirmed that it has been hacked.
Neopets User Data Posted for Sale
July 19, 2022. Hacker posted data for sale on 69 million Neopets users. Stolen data included date of birth, email address, name, zip code and much more.
Flagstar Bank in Michigan Breached
June, 2022. Social security numbers of 1.5 million customers were stolen. The attack occurred in December 2021 and was discovered in June 2022.
Block (formerly Square) Disclosed Cash App Breached
April, 2022. A former employee stole brokerage numbers, customer names, portfolio value, stock trading info and other data.
Okta, an Authentication Company, Breached
March, 2022. 2.5% of their customers' data was exposed. Hackers gained access via a 3rd-party customer support provider.
GiveSendGo Fundraising Website Hacked
February, 2022. Hackers posted personal details on 90,000 people.
Log4j Places Millions at Risk to a Data Breach
December, 2021. Cybersecurity officials fear devastating cyberattacks following discovery of a flaw in the widely-used Java-based software Log4j. The flaw risks data breaches to user data at any company employing it on their servers.
Oracle Delivers 390 Security Fixes
April 2021. Oracle released 390 new security fixes including patches for more than 200 bugs that could be exploited remotely without authentication. The security patches address a total of 41 vulnerabilities considered critical severity including 5 that feature a CVSS score of 10. The more severe of these could be exploited to execute code remotely, potentially resulting in full system compromise.
SAP's 18 Security Fixes for Sybase
May, 2020. Sybase ASE is used by SAP products and 30,000 organizations worldwide. 90% of the top 50 banks and security firms use ASE. 4 of the 18 security fixes had a CVSS 8+ score. One fix allowed any user of a database regardless of their permission to gain Administrator access to the entire database.
Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers
April, 2020. Researchers uncovered a malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other malware, including remote access tools and cryptominers.

1 of 2. Anatomy of a Data Breach by Hackers

Step 1. Hacker Gains Access to an Organization's Network
How? Hacker or Rogue Insider gains access to your organization's network via Zero Day Attacks, legitimate credentials obtained from using phishing, compromised credentials, etc. Remember Equifax, Uber, Yahoo and many more that were recently hacked. Hacker now logs into production database server with stolen credentials.
Step 2. Hacker Begins to Steal Confidential Database Data.
Hacker issues the SQL query 'SELECT * FROM CUSTOMER_CREDIT_CARDS'. This query returns all customer credit card data. If the CUSTOMER_CREDIT_CARDS table contained 50 million credit cards then 50 million rows of data would be sent across the network to the Hacker.
What Sql Power Tools Would Do
Refer to 'How Data Breaches are Prevented by Sql Power Tools' below. The product would immediately recognize, from our ADVANCED SQL BEHAVIORAL ANALYSIS of 100% of the query and SQL activity, that the SQL query has NEVER before been issued for this database. It would also recognize that the SQL query was issued from an IP address that has NEVER accessed the database in the past, and that NO applications on this database have EVER queried 50 million rows of data. Hacker theft of confidential data is DEFINITELY in progress. We would immediately a) ALERT the Security Team with the details and b) TERMINATE the HACKER session so that confidential data is not stolen.

2 of 2. How Data Breaches are Prevented by Sql Power Tools

Protects Informix, MySQL, Oracle, SQL Server & Sybase confidential database data from Hackers and Rogue Insiders

Step 1. Hacker Gains Access to Organization's Network
Hacker or Rogue Insider logs into a database server with valid credentials. If the login was submitted from an IP address that NEVER previously logged into the server, the Security Team is immediately notified. This is suspicious activity.
Step 2. Hacker Query is Immediately Observed
From its ADVANCED SQL BEHAVIORAL ANALYSIS of the query and SQL activity, the product knows that the Step 2 query (SELECT * FROM CUSTOMER_CREDIT_CARDS) or any form of SQL Injection has NEVER before been sent to this database. It also knows that the hacker IP address has never logged into the database and that no applications running on this database have EVER queried 50 million rows of data. An email alert is IMMEDIATELY sent to the Security Team with the supporting details along with the SQL code the Hacker used. The HACKER session is immediately terminated by the product since a data breach is DEFINITELY occurring.

Product Architecture

Data Breach Prevention Features


Product Screenshots

Setup Wizard Protects Databases in a few Minutes.
Specify Data Breach Alert Criteria.
Real-time Dashboard of Hacker Activity.
View a Dashboard summary of hacker database activity over any time period. Double click on a database instance to view all SQL that hackers or rogue insiders issued prior to being shut down.
Real-time Data Breach Email Alerts.
Also view hacker or rogue insider activity across the server farm over any time period.
View all Hacker Database Activity.
Hacker sessions detected and terminated over last 30 days when attempting to steal confidential database data.

Product Setup and Operation

Step 1 of 4. Install Product
Install product in 15 minutes. Setup wizard creates product repository, real-time data breach alerts and configures Database Cyber Security Guard. Typically install on a Linux or Windows server. All database environments may be protected.
Step 2 of 4. Capture SQL Activity
Database Cyber Security Guard Agent non-intrusively captures two days of database instance SQL activity for the Advanced SQL Behavioral Analysis of database queries and SQL. Agent never connects to protected database instance. Performed at initial setup.
Step 3 of 4. Advanced SQL Behavioral Analysis
Advanced SQL Behavioral Analysis is run on the database queries and SQL captured in Step 2. Product learns what the normal query patterns and application behaviors are, along with the IP address every unique query was sent from and the maximum data sent for each unique query. Most databases have 2,000 to 20,000 unique queries that run millions of times a day. Performed at initial setup.
Step 4 of 4. Real-time Protection of Database Data From Hackers
7x24 all database queries are checked in real time against the learned query patterns. Never before observed queries, queries sent from unknown IPs or sending a never before observed amount of data are known within milliseconds. Security team will know immediately when rogue insiders or hackers have penetrated the network and are attempting to steal confidential database data.
Product protects credit card, tax ID, medical, social media, corporate, manufacturing, law enforcement, defense, homeland security and public utility database data. Sends real-time alerts when never before observed database queries or IP addresses are seen, or when excessive database data has been sent. Terminates Hacker session immediately. View all Hacker sessions with the database queries they issued plus the data Hacker attempted to steal. Product ROI is immediate.
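
The learn-then-check approach of Steps 2 to 4, sketched as an added example; this is not Sql Power Tools code. The `fingerprint` normalization, the `Baseline` class, the reason strings and the sample events are all assumptions constructed for illustration.

```python
import re

def fingerprint(sql):
    """Reduce a statement to its shape so literal values do not create new patterns."""
    s = re.sub(r"'(?:[^']|'')*'", "?", sql)      # quoted string literals
    s = re.sub(r"\b\d+(?:\.\d+)?\b", "?", s)      # numeric literals
    return re.sub(r"\s+", " ", s).strip().upper()

class Baseline:
    def __init__(self):
        self.ips = {}        # fingerprint -> source IPs seen while learning
        self.max_rows = {}   # fingerprint -> largest result set seen while learning

    def learn(self, ip, sql, rows):
        fp = fingerprint(sql)
        self.ips.setdefault(fp, set()).add(ip)
        self.max_rows[fp] = max(self.max_rows.get(fp, 0), rows)

    def check(self, ip, sql, rows):
        """Return the reasons an event deviates from the baseline (empty list = normal)."""
        fp = fingerprint(sql)
        reasons = []
        if fp not in self.ips:
            reasons.append("never-seen query")
        # Known query: compare with its own history. Unknown query: database-wide history.
        allowed = self.ips.get(fp) or set().union(*self.ips.values())
        ceiling = self.max_rows.get(fp, max(self.max_rows.values(), default=0))
        if ip not in allowed:
            reasons.append("unknown source IP")
        if rows > ceiling:
            reasons.append("row count above learned maximum")
        return reasons

# Constructed learning-period capture: (source IP, SQL text, rows returned)
LEARNING = [
    ("10.0.0.5", "SELECT name FROM customers WHERE id = 17", 1),
    ("10.0.0.5", "SELECT name FROM customers WHERE id = 42", 1),
    ("10.0.0.6", "SELECT * FROM orders WHERE placed > '2022-01-01'", 5000),
]

def build_baseline(events=LEARNING):
    b = Baseline()
    for ev in events:
        b.learn(*ev)
    return b

if __name__ == "__main__":
    b = build_baseline()
    print(b.check("10.0.0.5", "select name from customers where id = 99", 1))
    print(b.check("203.0.113.9", "SELECT * FROM CUSTOMER_CREDIT_CARDS", 50_000_000))
```

A short learning window will not contain weekly or month-end jobs, so their first run is flagged as a never-seen query and needs review before it is added to the baseline.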

© Copyright 2021 Sql Power Tools, Inc. All rights reserved.

Contact us:   (800) 733-5978