Sentrigo Introduces Hedgehog vPatch to Provide Immediate Protection Against Database Vulnerabilities

2008-07-15 07:00:00

Significantly reduces window of risk between vendor security patch

installations – with no downtime and no impact

on applications

WOBURN, Mass.–(EMWPresswire)–Sentrigo, Inc., an innovator in

database security software, today announced Hedgehog vPatch,

the first virtual patching software to protect databases against known

vulnerabilities as soon as they are discovered. Hedgehog vPatch allows

customers to address the widely recognized problem of fortifying

corporate databases against recently discovered security issues in a

manner that requires no database downtime and without affecting related

applications.

Database vendors continuously study their software and receive input

from communities and security experts worldwide who identify

vulnerabilities that may then be patched with software updates. However,

it may take months to patch a known vulnerability and the fixes can be

difficult to apply. Installing a patch usually requires extensive

application testing and then database downtime. This can result in

business disruption or loss of support from software vendors that

certify their applications only for particular database configurations.

Additionally, many widely used database versions are no longer supported

by vendors and thus are never patched.

Eric Ogren, principal analyst at the Ogren Group, studies customer use

of database management systems and database industry trends. Organizations,

particularly those in highly regulated industries, fully appreciate the

need for database protection, but struggle to keep their systems current

when vulnerabilities are continuously being discovered. Sentrigo’s

host-based vPatch software operates on the internal database structures

to defend against exploits, but without altering the DBMS itself.

Enterprises are better protected from the latest attacks without

affecting application uptime or modifying existing compliant database

configurations.

In early 2008, Sentrigo released data gathered from 305 Oracle database

administrators, consultants and developers indicating that only 10

percent install Oracle Critical Patch Updates (CPUs) in a timely manner

following that companys quarterly releases.

Even those organizations that do make use of Oracle CPUs are at risk

between patch installations, when vulnerabilities have been discovered

but not addressed.

The risk window after an exploit has been

published on the web is months or even years long,

said Slavik Markovich, Sentrigos chief

technology officer. Indeed, its

more likely that a vulnerability will be exploited after a patch has

been issued. With Hedgehog vPatch, were

offering immediate protection against known database vulnerabilities

with ongoing updates delivered automatically. RDBMS vendors have been

investing significant efforts to patch their databases frequently, and

Sentrigo encourages all companies to install vendor patches when they

are made available. But when they cant, or

when installation is delayed because business systems cant

be taken down, Hedgehog vPatch protects databases and keeps them up to

date.

Although there have been improvements in

DBMS security options, organizations struggle to secure established

DBMSs that were not designed with effective security controls,

wrote Jeffrey Wheatman in a report by Gartner, Inc. entitled “Take Six

Steps to Secure Your Databases,” published October 24, 2007. The report

continues, We have also seen an increased

focus on data security resulting from regulatory pressures. You can take

several actions to secure your databases/DBMSs. But even if you follow

every recommendation, there are still potential risks to your data. The

report goes on to state that Keeping

up-to-date with patches and hot-fixes is difficult.

Immediately Expand Database Protection

Sentrigo developed Hedgehog vPatch based on database monitoring rules

created by the companys Red Team of security

researchers. The team also draws on its network of other researchers,

including company advisors and renowned Oracle database experts Pete

Finnigan and Alexander Kornbrust. Once Sentrigo identifies

vulnerabilities, the company typically patches them within days and

automatically delivers updates to Hedgehog vPatch customers, who can

then deploy them in a matter of minutes without affecting database

uptime.

Hedgehog vPatch is based on the same technology and architecture as

Hedgehog Enterprise. Rather than relying on a network appliance

approach, Hedgehog is a software solution that uses agent technology to

reside directly on the database server. As a result, it can operate at

the database object level in addition to evaluating SQL statements

associated with known vulnerabilities.

Hedgehog vPatch can be used to prevent intrusions by terminating or

quarantining user sessions, as well as to generate alerts. The product

currently supports Oracle and Microsoft databases.

Hedgehog vPatch is available for immediate download and free evaluation

at www.virtual-patching.com.

Pricing is begins at $750 per database server CPU for an annual

subscription.

About Sentrigo

Sentrigo, Inc. is a recognized innovator in database security. The

companys Hedgehog software provides

full-visibility database activity monitoring and real-time protection,

and has been rapidly adopted by Fortune 1000 companies to defend

mission-critical data against insider misuse as well as outsider

intrusion. Enterprises across industry sectors are also using Sentrigo

Hedgehog to accelerate compliance with regulatory requirements such as

PCI DSS, Sarbanes-Oxley and HIPAA. Sentrigo has won wide acclaim for its

industry and technology leadership by publications such as Network World

and SC Magazine. For additional information and to download Hedgehog,

visit www.sentrigo.com.

Sentrigo, Sentrigo Hedgehog, Hedgehog IDentifier and the Sentrigo logo

are trademarks of Sentrigo, Inc. All other trademarks are the property

of their respective holders.

Schwartz Communications, Inc.
Tim Whitman and Shweta Agarwal,

781-684-0770
sentrigo@schwartz-pr.com

free cash grants, free grant money, free money, cash grants, scholarships, business grants, foundation grants, government grants, debt grants, consolidation, college tuition, financial aid, medical grants, personal grants, medical bills, unsecured loans, no interest loans, financing, loans, capital, non profit organizations

Major Newsire & Press Release Distribution with Basic Starting at only $19 and Complete OTCBB / Financial Distribution only $89

Get Unlimited Organic Website Traffic to your Website
TheNFG.com now offers Organic Lead Generation & Traffic Solutions