DataSunrise Data Audit for Amazon Aurora

Amazon Aurora data audit tool by DataSunrise enables you to learn a big picture of database activity. Knowing who, why and when queried your database is more than just helpful, especially when working in the cloud. Moreover, continual data auditing plays an important role in database security as well. When paired with SIEM system, DataSunrise helps not only to reveal data theft that already occured, but to detect data breach preparations beforehand.

Tech Info

Common information about Amazon Aurora Data Audit

Amazon Aurora Data Audit by DataSunrise is a powerful database activity monitoring (DAM) solution. Here are some typical use cases for DAM technology:

    • Monitoring privileged users behavior. Yes, database administrators also pose a potential threat to your data security. They can hide their malicious activity within the database but can do nothing with DAM solution.
    • Detecting suspicious user activity, whether it's just a nosy employee or an experienced hacker looking for vulnerabilities in your system. Knowing about suspicious activity you can prevent data breach in advance.
    • Detecting dormant user accounts and other vulnerabilities that can be exploited by hackers.
    • Revealing and investigating data leak. Sometimes you don’t even suspect that your data is stolen. DAM helps you to reveal already-occurred data breach and conduct proper investigation.
    • Many government and industry standards such as SOX, PCI DSS and HIPAA require their subjects to employ data auditing and database activity monitoring.
    • Collecting statistics.
 

More detailed information on monitoring feature is available here.

Amazon Aurora Data Audit

DataSunrise enables real-time tracking of database user activity and changes made to database tables. In simple words, you can easily find out who, when and why accessed your database.

audit event details

Data Sunrise retrieves and logs the following data:

  • SQL query code
  • Session duration
  • Number of rows affected by query, and query results
  • Database errors
  • Database user information (user name, host name)
  • Information on client application used to query database (application name, host name).
 siem_audit

Audit results are saved into DataSunrise-integrated SQLite database or to external database. The most important point that collected data can be exported to third-party solution such as SIEM. When paired with SIEM system DataSunrise enables you to learn a full picture of database user activity.Additionally, DataSunrise features self-learning functionality, Learning mode. DataSunrise logs typical database events and creates a white list of queries considered as «safe» in given database environment.

Related Articles