What’s basically wrong with the approach most security solution providers are taking
DB Networks is innovating behavioral analysis based database security equipment for organizations who need to protect their data from advanced attacks. DB Networks Adaptive Database Firewall is an effective countermeasure against SQL Injection and database Denial of Service attacks. Unlike traditional database security solutions, which require extensive user customization, as well as time-consuming white list/black list maintenance, DB Networks Adaptive Database Firewall automatically learns each applications proper SQL transaction behavior. Any SQL transaction which subsequently deviates from the model immediately raises an alarm as an attack. DB Networks is a privately held company headquartered in San Diego, California.
Info Security PG: What’s basically wrong with the approach most security solution providers are taking? Why is post-attack strategy an uphill task?
Brett Helm: We see many security solution providers stressing compliance over security. They tend to see their primary duty as checking all the compliance boxes rather than architecting a highly secure system which is also compliant. As an example, security equipment may be installed for compliance reasons and then heavily customized to reduce false positive alarms. The customization often renders the device nearly useless from a security perspective. The system may still be compliant, but it's far from secure.
With regards to post-attack, I believe you need to approach it from essentially two perspectives. First, detailed information about the attack needs to be gathered of course. This information would be used as evidence for law enforcement as well as for threat intelligence in order to protect other organizations from similar attacks. Second, you want to rapidly respond to the threat internally to prevent a future recurrence. So the challenge is gathering meaningful alert information that contain the accurate detailed forensic records regarding the attack.
About Brett Helm
Brett Helm brings over 25 years of executive management experience in Information Technology to DB Networks. Previously, as Coradiant's CEO and Chairman, he oversaw the development of equipment used to manage, optimize, and troubleshoot web applications. In 2011, Coradiant was acquired by BMC Software. As President and CEO of IPivot, he helped create the industry's first SSL acceleration appliances and Layer 7-aware traffic management equipment. Ipivot was acquired by Intel. Prior to IPivot, Brett served as GM of @Work. Brett earned his BS in Engineering at the University of Utah and served as an aviator in the US Air Force.
Info Security PG: DB Networks just announced the ADF-4200. What security problems are you solving for your customers with this new product?
Brett Helm: While SQL injection attacks have been around for many years, they continue to evolve into increasingly sophisticated threats over time. We are now seeing the emergence of weaponized SQL injection attacks being perpetrated by state actors. Our newly announced ADF-4200, which is based on our Adaptive Database Firewall platform, is an effective countermeasure against even these sorts of extremely sophisticated database attacks. With the ADF-4200 we're taking a completely new approach to the advanced and persistent SQL injection and database DOS threat. The ADF-4200 is a behavioral analysis based database security appliance. It automatically learns an applications proper SQL transaction behavior. Any SQL transaction which subsequently deviates from the model immediately raises an real-time alarm as an attack.
Info Security PG: Can you provide some actual examples where the ADF-4200 identified a SQL injection attack that would have perhaps otherwise not been identified? Can you also elaborate on your target markets and where your solutions are presently deployed?
Brett Helm: Sure, in fact just recently we had a customer who was evaluating the ADF-4200 on one of their production databases. The ADF-4200 was set up to be remotely managed by our team, in the event of any issues. So one morning a series of alarms occurred indicating an extremely high likelihood of a database attack. Our team was extremely excited, and not in a good way. The SQL injection attacks we were seeing were extremely sophisticated, clearly not a run of the mill automated attack. In the end it turned out that the attack was actually the work of a pen tester who had been hired, unbeknownst to us, by the company evaluating the ADF-4200, to audit and test their overall system security. The ADF-4200 was able to handle every attack this pen tester attempted. I should point out that every SQL injection attack the ADF-4200 was handling had already made its way through the companies Web Application Firewall (WAF). Beyond alarming in real-time, we were also able to show the customer the exact SQL injection fragment.
As far as target markets, we are basically focused on two. The first being the financial sector, where we're installed in some of the largest financial institutions in the world. The other market we are targeting is the US federal market, including the military, where our unique approach to database security is extremely interesting to them in their battle against cyber attacks.
Info Security PG: As a person you have an interesting background. What did you learn from your missions in Operation Desert Storm. Did any of your experience help in building better security solutions? And one last question, are you really a motorcycle racer?
Brett Helm: Being in combat requires you not panic under extreme stress. You have to perform your duties to perfection, because your crew and the mission depends on it. Building great products also requires perfect execution, regardless of the day to day stresses. You have to focus and deliver, there's simply no other option.
Yes, I enjoy racing off-road motorcycles. While I'm not able to race as much as I'd like these days, over the years I did compete in and won three Baja 1000 events for my class. In many ways I suppose motorcycle racing is similar to running a company. In both cases you need to be thinking several moves ahead while also remaining highly focused executing on the task at hand.
Company: DB Networks
11440 West Bernardo Court Suite 300 San Diego, CA 92127 U.S.A.
Founded in: 2009 CEO: Brett Helm Public or Private: Private Head Office in Country: United States Products: Database Security Equipment Company's Goals: To establish a new product category and become the leader in advanced database security
JOIN NOW THE CYBER SECURITY WORLDWIDE COMMUNITY ON LINKEDIN