DataSunrise Security for MariaDB

MariaDB security solution by DataSunrise is the guardian against hackers and malicious insiders. Based on effective threat detection algorithms, the tool immediately notifies the administrator about any suspicious activity and security breach attempts. It blocks SQL injections in real time and controls access to the database. The tool does not keep passwords or any confidential information.

Tech Info

DataSunrise MariaDB security software is a reliable tool designed to prevent cyberattacks and fraudulent insider activity. It stops hacker attacks, prevents intentional and unintentional data leaks and detects data breach preparations in advance. From a business perspective, the it not only ensures the proper level of business data security, it also helps enterprises to stay compliant with regulatory requirements.

DataSunrise functions as a proxy between the database and users, eliminating their direct communication. Deep traffic filtering is performed on application level. DataSunrise monitors and controls all the queries and database responses and blocks queries if they violate security policies. The blocking scenario includes disconnection of a client from DB or closing of the session.

proxy-01

Smart SQL analysis algorithms provide continuous monitoring of database activity. During initial traffic processing DataSunrise disassembles user queries, database output, etc. Then the queries undergo careful analysis and the tool determines target database objects, schemas, tables names and other important information. Then the tool logs queries, blocks their execution or obfuscates database output according to predefined security policies.

 

SQL Injection is one of the most exploited database security vulnerability. Scanning of traffic along with detection and blocking mechanisms allows DataSunrise to capture SQL injections in real time. DataSunrise blocks the following SQL Injection techniques:

  • Union Exploitation Technique
  • Boolean Exploitation Technique
  • Out of band Exploitation Technique
  • Time delay Exploitation Technique
  • Automated Exploitation Technique
 

Rule conditions include the following parameters:

  • type, instance and name of the target database
  • whether queries came from a certain client application
  • whether intercepted queries contain certain SQL statements
  • whether queries contain signs of SQL injection (OR and UNION statements, comments, double queries, constant expression, keyword in comments)
  • whether queries are directed to certain database elements (schemas, tables, columns, stored procedures)
 

Among supported features there are:

  • All main user authentication methods
  • Processing of SSL and TLS-encrypted traffic
  • Processing of prepared statements and multi-statements
  • Multiresultsets processing
  • Processing of LOAD XML and LOAD DATA operations
  • Convertation of binary data into text format
  • Tracking of system and user-defined variables
 

MariaDB security tool by DataSunrise runs on Windows and Linux and supports MariaDB 5.5.