DataSunrise Database Activity Monitoring for Heroku Postgres
Around-the-Clock Activity Monitoring of Heroku Postgres transactions
The vast majority of cyber crimes is committed by insiders. With Activity Monitoring you always have the opportunity to see the actions of your employees and take measures in case there is someone who constitutes a threat.
Activity monitoring is one of the requirements of standards established by regulators and the government legislative bodies, such as GDPR, SOX, PCI DSS, HIPAA. DataSunrise is a helpful tool to retrieve reports necessary for cybercrime investigation.
Comprehensive Heroku Postgres Activity Monitoring solution
DataSunrise enables to see who accessed a certain element of the database and then provides comprehensive details for further analysis or cybercrime investigation. Collected data includes:
- System events (authentication data, changes in security policies, granting privileges, adding new database users, errors occurred, etc.)
- Codes of SQL queries, results of query execution, application names used to send the request
- Session data (login names, IP addresses, hostnames, duration, affected rows)
Attack attempts require instant reaction of administrators. Notifications section of Activity Monitoring settings enables adding email addresses to receive notifications in case a certain Activity Monitoring rule is triggered. DataSunrise detects unauthorized access, SQL injection attempts, and other potentially dangerous transactions.
Activity Monitoring results can be stored in a database integrated into DataSunrise or in other external databases. Due to the support of the Syslog protocol, Heroku Postgres data monitoring logs can also be exported to SIEM systems, which provides online analysis of security threats.