Sentrigo Introduces Hedgehog vPatch to Provide Immediate Protection Against Database Vulnerabilities
Significantly reduces window of risk between vendor security patch installations – with no downtime and no impact on applications
WOBURN, Mass.--(BUSINESS WIRE)--Sentrigo, Inc., an innovator in database security software, today announced Hedgehog vPatch™, the first virtual patching software to protect databases against known vulnerabilities as soon as they are discovered. Hedgehog vPatch allows customers to address the widely recognized problem of fortifying corporate databases against recently discovered security issues in a manner that requires no database downtime and without affecting related applications.
Database vendors continuously study their software and receive input from communities and security experts worldwide who identify vulnerabilities that may then be patched with software updates. However, it may take months to patch a known vulnerability and the fixes can be difficult to apply. Installing a patch usually requires extensive application testing and then database downtime. This can result in business disruption or loss of support from software vendors that certify their applications only for particular database configurations. Additionally, many widely used database versions are no longer supported by vendors and thus are never patched.
Eric Ogren, principal analyst at the Ogren Group, studies customer use of database management systems and database industry trends. “Organizations, particularly those in highly regulated industries, fully appreciate the need for database protection, but struggle to keep their systems current when vulnerabilities are continuously being discovered. Sentrigo's host-based vPatch software operates on the internal database structures to defend against exploits, but without altering the DBMS itself. Enterprises are better protected from the latest attacks without affecting application uptime or modifying existing compliant database configurations.”
In early 2008, Sentrigo released data gathered from 305 Oracle database administrators, consultants and developers indicating that only 10 percent install Oracle Critical Patch Updates (CPUs) in a timely manner following that company’s quarterly releases. Even those organizations that do make use of Oracle CPUs are at risk between patch installations, when vulnerabilities have been discovered but not addressed.
“The risk window after an exploit has been published on the web is months or even years long,” said Slavik Markovich, Sentrigo’s chief technology officer. “Indeed, it’s more likely that a vulnerability will be exploited after a patch has been issued. With Hedgehog vPatch, we’re offering immediate protection against known database vulnerabilities with ongoing updates delivered automatically. RDBMS vendors have been investing significant efforts to patch their databases frequently, and Sentrigo encourages all companies to install vendor patches when they are made available. But when they can’t, or when installation is delayed because business systems can’t be taken down, Hedgehog vPatch protects databases and keeps them up to date.”
“Although there have been improvements in DBMS security options, organizations struggle to secure established DBMSs that were not designed with effective security controls,” wrote Jeffrey Wheatman in a report by Gartner, Inc. entitled "Take Six Steps to Secure Your Databases," published October 24, 2007. The report continues, “We have also seen an increased focus on data security resulting from regulatory pressures. You can take several actions to secure your databases/DBMSs. But even if you follow every recommendation, there are still potential risks to your data.” The report goes on to state that “Keeping up-to-date with patches and hot-fixes is difficult.”
Immediately Expand Database Protection
Sentrigo developed Hedgehog vPatch based on database monitoring rules created by the company’s Red Team of security researchers. The team also draws on its network of other researchers, including company advisors and renowned Oracle database experts Pete Finnigan and Alexander Kornbrust. Once Sentrigo identifies vulnerabilities, the company typically patches them within days and automatically delivers updates to Hedgehog vPatch customers, who can then deploy them in a matter of minutes without affecting database uptime.
Hedgehog vPatch is based on the same technology and architecture as Hedgehog Enterprise. Rather than relying on a network appliance approach, Hedgehog is a software solution that uses agent technology to reside directly on the database server. As a result, it can operate at the database object level in addition to evaluating SQL statements associated with known vulnerabilities.
Hedgehog vPatch can be used to prevent intrusions by terminating or quarantining user sessions, as well as to generate alerts. The product currently supports Oracle and Microsoft databases.
Hedgehog vPatch is available for immediate download and free evaluation at www.virtual-patching.com. Pricing begins at $750 per database server CPU for an annual subscription.
Sentrigo, Inc. is a recognized innovator in database security. The company’s Hedgehog software provides full-visibility database activity monitoring and real-time protection, and has been rapidly adopted by Fortune 1000 companies to defend mission-critical data against insider misuse as well as outsider intrusion. Enterprises across industry sectors are also using Sentrigo Hedgehog to accelerate compliance with regulatory requirements such as PCI DSS, Sarbanes-Oxley and HIPAA. Sentrigo has won wide acclaim for its industry and technology leadership by publications such as Network World and SC Magazine. For additional information and to download Hedgehog, visit www.sentrigo.com.
Sentrigo, Sentrigo Hedgehog, Hedgehog IDentifier and the Sentrigo logo are trademarks of Sentrigo, Inc. All other trademarks are the property of their respective holders.