DataSunrise Security for MySQL Security Solution by DataSunrise

DataSunrise Database Security Suite for MySQL security is an intermediary between users and database. It screens and filters incoming and outgoing traffic. It blocks suspicious or forbidden transactions in real time. Highest degree of granular control ensures advanced protection against intrusion attempts, malicious attacks, SQL injections and insider risks.

Tech Info

MySQL security solution by DataSunrise protects databases from both outside attacks and inside threats. It performs deep traffic filtering on an application level. Every incoming and outgoing packet is analyzed for compliance with the customized rules set. In case a malicious query is detected, the blocking scenario includes disconnection of a client from DB or closing of the session.

Proxy mode deployment prevents direct communication between client and database. DataSunrise maintains MySQL security acting as an intermediary between client and server, it audits and logs queries or blocks execution of the ones violating firewall's security policies.


Smart SQL analysis algorithms provide continuous monitoring of database activity. During initial traffic processing DataSunrise disassembles user queries, database output etc. Then the queries undergo careful analysis and the firewall determines target database objects, schemas, tables names and other important information. Then the firewall logs queries, blocks their execution or obfuscates database output according to predefined security policies.


Scanning of traffic along with detection and blocking mechanisms allows you to capture SQL injections in real time. The firewall blocks the following SQL Injection techniques:

  • Union Exploitation Technique
  • Boolean Exploitation Technique
  • Out of band Exploitation technique
  • Time delay Exploitation technique
  • Automated Exploitation

    Rule conditions include the following parameters:

  • type, instance and name of the target database;
  • whether queries came from a certain client application;
  • whether intercepted queries contain certain SQL statements;
  • whether queries contain signs of SQL injection (OR and UNION statements, comments, double queries, constant expression, keyword in comments);
  • whether queries are directed to certain database elements (schemas, tables, columns, stored procedures).

    Among supported features there are:

  • All main user authentication methods
  • Processing of SSL and TLS-encrypted traffic
  • Processing of prepared statements and multi-statements
  • Multiresultsets processing
  • Processing of LOAD XML and LOAD DATA operations
  • Convertation of binary data into text format
  • Tracking of system and user-defined variables

    DataSunrise Database Security Suite supports MySQL 5.0+ version and runs on both Windows and Linux.