Hedgehog Enterprise v4.0 combines powerful new features of Sentrigo DBscanner and integration with McAfee ePO
SANTA CLARA, Calif., September 13, 2010 - Sentrigo, Inc., the innovator in database security software, today announced a fully integrated database activity monitoring and vulnerability assessment solution for enterprises. Available immediately, Hedgehog Enterprise™ v4.0 provides a complete database activity monitoring and intrusion prevention platform combined with new capabilities to find, scan and validate databases containing sensitive information on a network to meet regulatory standards.
This latest version of Sentrigo’s flagship database activity monitoring software incorporates the new Hedgehog DBscanner™, a vulnerability assessment and security scanning solution, providing a single management interface to the full database security suite. Whether running one module or the entire Hedgehog suite, security and compliance events as well scan results can be seamlessly integrated into most common network and security monitoring systems, now including McAfee ePO.
Hedgehog DBscanner - vulnerability assessment for databases, designed specifically for the enterprise
Hedgehog DBscanner streamlines the process of identifying sensitive data on a network and securing it properly to meet regulatory standards. By improving visibility into vulnerabilities and providing expert recommendations for remediation, DBscanner protects against damaging breaches and saves money through better preparation for compliance audits.
With a comprehensive assessment of the most widely-deployed database management systems, Hedgehog DBscanner conducts more than 3,000 different checks of Oracle, Microsoft SQL Server, IBM DB2 and MySQL databases. The product automatically discovers databases on a network, and then locates and identifies tables containing restricted information such as passwords, credit card details and personally identifiable information (PII).
Hedgehog DBscanner checks for password vulnerabilities, including password strength, use of shared accounts/passwords, and embedded passwords within applications – all through highly efficient techniques to minimize load on production servers. The system analyzes database servers for possible misconfigurations, monitors them for potential backdoors, including rootkits, and tracks modifications to privileges and user tables. Where possible, scan results from Hedgehog DBscanner also provide recommendations and fix scripts to address the weaknesses.
Designed to simplify compliance audits, Hedgehog DBscanner provides regulatory compliance report templates as well as custom reporting. Reports detail each database’s current version, patch level and any discovered vulnerabilities, including SQL injection, buffer overflow, and malicious or insecure PL/SQL and T-SQL code. The new DBscanner, like the entire Hedgehog family of products, has been architected to operate seamlessly in virtualized or cloud computing environments.
“Users are increasingly anxious about the security of their data, and especially about inappropriate patterns of access,” said Carl Olofson, Research Vice President of database management and data integration software research at IDC. “Many database security products rely on a fairly static network topology, which is inhibiting the adoption of new IT deployment models such as virtualization and the private Cloud. Having the ability to protect database data despite a virtualized environment or shifting network deployment configurations would certainly encourage such adoption, and would free enterprises to deploy databases in more flexible and useful ways, knowing their data is safe.”
McAfee ePolicy Orchestrator (ePO) Integration
Real time security and compliance events generated by Hedgehog Enterprise v4.0 and scan results from Hedgehog DBscanner are integrated with the McAfee ePO dashboard, providing enterprise organizations with centralized reporting and summary information for thousands of databases from a common interface. For more detailed threat information and scan configuration, direct links from McAfee ePO open the Hedgehog Enterprise alert console or invoke the vulnerability scanning management console with granular control over every operation, allowing customers who have invested in centralizing their security management through McAfee ePO to gain additional value from the McAfee platform.
“Until now, the tasks of verifying that sensitive information is being adequately protected from growing threats, and being able to demonstrate that level of security to auditors in order to meet regulatory requirements, have been primarily based on snapshots at a point in time for each specific data asset,” stated Dan Sarel, vice president of products at Sentrigo. “Hedgehog DBscanner brings a whole new approach to solving this problem at the enterprise level, simplifying the audit process and dramatically reducing the resources required for each scan. By centralizing the scanning process, and most importantly, by making vulnerability assessment part of an ongoing scheduled process, organizations now have the necessary information at any time to respond to an audit, and can be proactive in closing any security gaps.”
Product Support and Availability
Hedgehog Enterprise v4.0 and Hedgehog DBscanner are available immediately, including evaluation versions of either individual product or the integrated suite. Hedgehog DBscanner supports scanning of Oracle version 9.1 or later, Microsoft SQL Server 2000 or later, IBM DB2 version 8.1 or later for Linux, UNIX and Windows, and MySQL version 4.0 or later.
Existing customers on support can obtain the upgrade to Hedgehog Enterprise v4.0 directly from Sentrigo’s support portal. Hedgehog DBscanner is a separately licensed module in the Hedgehog suite; existing customers wishing to utilize the vulnerability assessment capabilities should contact their account manager for an evaluation license or quotation.
Sentrigo, Sentrigo Hedgehog, Hedgehog IDentifier, Hedgehog vPatch and the Sentrigo logo are trademarks of Sentrigo, Inc. All other trademarks are the property of their respective holders.