Sentrigo Intros Hedgehog vPatch to Avoid Database Vulnerabilities
TMCnet - The World's Largest Communications and Technology Community
TMC Launches New Sites ::  NGC  |  4GWE  |  Green Tech  |  Satellite  |  IT |  ITEXPO  |  Healthcare  |  Smart Grid  |  M2M  |  Smart Products  |  AstriCon News  |  SATCON News
TMCnet CHANNELS
#1 VoIP Enabler: Risk-free, Quick & Easy Deployment
Advanced Carrier Services
Appliance Deployment
ATCA
Auto Dialer
BPA (3rd Party Remote Call Monitoring)
Broadcast Modulator
Business Phone Systems
Business Process Automation
Business VoIP
Call Center
Call Center Certification
Call Center Digital Signage
Call Center Furniture
Call Center Hiring
Call Center Management
Call Center On Demand
Call Center Outsourcing
Call Center Scheduling
Call Center Software
Call Center Solutions
Call Center Training
Call Center Workforce Management
Call Monitoring
Call Recording
Communications Enabled Business Processes
Conference Call
Conferencing
Contact Center Headsets
Contact Center Software
CRM Software
CRM Solutions
DID/DDI
Digital Signage
e911
E911 Hosted Solutions
Email Archiving
Email Server
Enterprise Fax over IP
Enterprise VoIP
Ethernet Extender
Fax
Fax Over IP
FoIP
HD Conference
Hosted Contact Center
Hosted Exchange
Hosted PBX
Integrated Communications
IP Fax
IP Multimedia
IP Phone Maker
IP Phone System
IP Phones
IVR
Lead Management Software
Master Agent
Mobile Management
Mobile Unified Communications
Mobile Video
NEBS
Network Installation
Open Source CRM
PBX PCI Adapter
Phone Systems
Portable Satellite Antenna
Predictive Dialer
Sales Software
SATCON
SIP
Speech Recognition and Text to Speech
Telecom Cost Management
Telecom Expense Management
Telecom Lifecycle Management
Telecom Training
Telemarketing Software
Telepresence
Testing IP Services
Virtual Call Center
Virtual Office
Virtual PBX
Virtual Receptionist
Voice Broadcast
Voice Management
Voice Over IP
Voice Peering
Voicemail Replacement
VoIP Call Recording
VoIP Contact Center
VoIP Developer
VoIP Gateways
VoIP Monitoring
VoIPSwitch
Web Conferencing
Web Meeting
Wholesale VoIP
Wireless Expense Management
Wireless Management
Workforce Management
Workforce Optimization
Share
TMCnews
[July 17, 2008]

Sentrigo Intros Hedgehog vPatch to Avoid Database Vulnerabilities

TMCnet Contributing Editor
 
Sentrigo, Inc. today launched the Hedgehog vPatch, a virtual patching software, that it says will protect databases against known vulnerabilities as soon as they are discovered.
 
The software is designed to protect corporate databases against recently discovered security issues, without requiring database downtime and affecting related applications, according to the company.
 
Database vendors study their software and receive input from communities and security experts, who identify vulnerabilities that can be patched with software updates. However, it may take months to patch a known vulnerability and the fixes can be difficult to apply. Also, it requires extensive application testing and then database downtime.


 
This results in business disruption or loss of support from software vendors that certify their applications only for particular database configurations, company officials say. Additionally, many widely used database versions are no longer supported by vendors and thus are never patched.


 
Eric Ogren, principal analyst at the Ogren Group, studies customer use of database management systems and database industry trends.
 
“Organizations, particularly those in highly regulated industries, fully appreciate the need for database protection, but struggle to keep their systems current when vulnerabilities are continuously being discovered,” Ogren said. “Sentrigo’s host-based vPatch software operates on the internal database structures to defend against exploits, but without altering the DBMS itself. Enterprises are better protected from the latest attacks without affecting application uptime or modifying existing compliant database configurations.”
 
According to Sentrigo’s data, gathered from 305 Oracle (News - Alert) database administrators, consultants and developers, only 10 percent install Oracle Critical Patch Updates in a timely manner following that company’s quarterly releases. Even if organizations use Oracle CPU, they are at risk between patch installations, when vulnerabilities have been discovered but not addressed, company officials say.
 
“The risk window after an exploit has been published on the web is months or even years long,” said Slavik Markovich, Sentrigo’s chief technology officer. “Indeed, it’s more likely that a vulnerability will be exploited after a patch has been issued. With Hedgehog vPatch, we’re offering immediate protection against known database vulnerabilities with ongoing updates delivered automatically. RDBMS vendors have been investing significant efforts to patch their databases frequently, and Sentrigo encourages all companies to install vendor patches when they are made available. But when they can’t, or when installation is delayed because business systems can’t be taken down, Hedgehog vPatch protects databases and keeps them up to date.”
 
“Although there have been improvements in DBMS security options, organizations struggle to secure established DBMSs that were not designed with effective security controls,” wrote Jeffrey Wheatman in a report by Gartner (News - Alert), Inc. titled “Take Six Steps to Secure Your Databases,” published October 24, 2007.
 
The report continues, “We have also seen an increased focus on data security resulting from regulatory pressures. You can take several actions to secure your databases/DBMSs. But even if you follow every recommendation, there are still potential risks to your data.” The report goes on to state that “Keeping up-to-date with patches and hot-fixes is difficult.”
 
The new software can prevent intrusions by terminating or quarantining user sessions, as well as to generate alerts. The product currently supports Oracle and Microsoft (News - Alert) databases.
 
Arun Satapathy is a contributing editor for TMCnet. To read more of Arun’s articles, please visit his columnist page.
 
Don’t forget to check out TMCnet’s White Paper Library, which provides a selection of in-depth information on relevant topics affecting the IP Communications industry. The library offers white papers, case studies and other documents which are free to registered users. Today’s featured white paper is  The Compelling ROI Benefits of Contact Center Quality and Performance Management Technologies, brought to you by Voice Print International (News - Alert).

[ Back To TMCnet.com's Homepage ]
Discussions:
Be the first to post a comment on this page!
 
By  
TMCnet
+ Add to the Discussion
Bookmark mobile.TMCnet.com on your mobile phone now to stay on top of the latest tech news.
Featured White Papers
Featured White Paper RSS feed
10 reasons to switch to an IP PBX
Application Whitelisting: A new security paradigm
SCADA Systems Protection
view all white papers…
Top Stories
Today's TMCnet Top Stories and News Articles
Comstor Singapore Picks #1 VoIP Enabler for Risk-free, Quick &…
Conferencing Feature: ROI Proves the Worth of Unified Communications
Arizona State Library Seeks $1.2 Million in Broadband Stimulus …
Durability Important Consideration When Selecting Ergonomic Call Cente…
Enterprise Fax Over IP: Mumbai International Airport Integrates Fax Se…
more of today's top stories...
Related VoIP News
Latest IP Communitions and VoIP News
SuperNet of Ohio Launches New Hosted VoIP Service for SMBs
Ronco Distributes Ascom's Wireless Communication Products
AudioCodes Intros MSBG PLUS an Open Platform for Unified Communications
New Vodafone 360 Samsung M1 Handset Built on LiMo Platform Brings Rich, Personalized Mobile Experience to Customers
Nortel Leverages Amazon EC2, Offers On-Demand Access to Cloud-Based Real-Time Applications

Subscribe FREE to all of TMC's monthly magazines. Click here now.