Deep protocol analysis, machine learning, and behavioral analysis - bringing intelligence to cyber security
  • Simplified, transparent, drop-in installation
  • Non-intrusively discover databases
  • Detailed insights on data in motion - including the interactions of applications to their connected databases
  • Detect core network policy violations
  • Rapid behavioral model construction
  • Immediate SQL injection protection for legacy applications and 3rd party applications
  • Protection against Zero-Day SQL injection attacks
  • Immediate SQL injection protection against application framework vulnerabilities
  • Implemented as physical or virtual appliance

DB Networks' Technology

While Web applications can produce dynamic, and often extremely complex SQL, it turns out this behavior that can be modeled. DB Networks technology applies deep protocol analysis to all SQL statements dispatched from your Web applications destined to your databases in order to construct a unique multi-dimensional behavioral model. Using this behavioral model, each SQL statement is then subjected to a thorough lexical analysis and SQL semantic comparison analysis. Any rogue SQL statements are immediately identified and your defined alarm procedure is invoked.

Adaptive Behavioral Model

Our technology is a novel patent-pending approach that learns and models an applications unique behavior for generating SQL statements. After a short learning period to construct the behavioral model, a suite of detection algorithms then evaluate each SQL statement against the application's unique behavioral model. New SQL statements, not seen during the learning process, go through structural analysis. Any SQL statement not consistent with the established behavioral model is identified as a likely SQL injection attack. This entire process is automatic. DB Networks technology is completely plug-and-play -- there are no blacklists, signatures, or whitelists to configure and maintain. Behavioral analysis has proven to be highly accurate at identifying even then stealthiest of SQL injection attacks.


Technical Requirements
  • Oracle server release 8i (8.1.7) or later
    Microsoft SQL Server version 2000 or later
  • Bi-directional mirrored port or passive
    tap capture to feed 10/100/1000 Mbit/sec capture ports
  • IDS-6300v virtual appliance supported
    under VMware ESXi 5.1, 5.5
System Specifications
  • 2U x 19 inch rack mount form factor
  • Dual redundant power supplies -300W
  • 2 TB of RAID10 storage for captured workloads
  • 480 GB High performance SSD
  • 2 TB Achival storage
  • Encrypted data
  • Operator authentication
  • Role based permissions to limit access to sensitive data
  • Support for encrypted database interfaces