Secerno DataStream provides comprehensive database traffic analysis through its SynoptiQ Engine. It analyzes database queries to model how data is accessed and spot areas of concern, like unauthorized activity. It offers differential auditing to only log changes and exceptions, reducing audit workload. Development and security teams can use it to identify issues in applications and spot vulnerabilities.
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Comprehensive Database Traffic Analysis with Secerno DataStream
1. Secerno DataStream™
For Comprehensive Database Traffic Analysis
Introduction
Secerno DataStream™, a virtual appliance available on the VMware
Server platform, brings the powerful analysis capabilities of
Secerno’s SynoptiQ™ Engine technology to deliver comprehensive
data stream analysis to developers, QA teams, and security and
compliance auditors by exposing the way that applications and
users access databases and interact with data.
Secerno DataStream’s SynoptiQ Engine automatically analyses
the intent of all database queries. To improve the efficiency of
auditing, it uses a patented technique called Semantic Clustering™
to log and group database requests with others of similar intent;
clearly and concisely showing how data is accessed. We call this
360-degree model of all your database transactions Intent-Based
Modeling™ and it spotlights areas of concern such as:
Authenticated users carrying out unauthorised activity
Non-compliant data access or changes to data
Credit card numbers being used by unexpected queries
Users changing data, when they should only be viewing it
Unauthorised access to sensitive data
New software versions that violate the corporate data
security policy
Unusual database requests coming from any part of the Offering a new approach to compliance auditing, Secerno
organisation DataStream offers optional differential auditing capabilities which
– rather than logging all SQL requests to a database – can be set to
Privilege escalation log only changes in data access and/or exceptions to a
Applications with permission to access specific data, compliance-approved policy. This considerably reduces the time
but have not used it before and resources spent reviewing logged data and processing alerts
for compliance.
Vulnerabilities and inefficiencies in applications – in
development or live
Poor quality queries and stored procedures that impact
performance
How Secerno DataStream Works
Secerno DataStream is part of the award-winning Secerno
DataWall™ family of database activity monitoring and database policy
enforcement hardware and virtual appliances that deliver the world’s
most advanced, comprehensive and intelligent database security.
Secerno DataStream, with Secerno’s radical SynoptiQ technology
at its core, analyses all database traffic and automatically builds
up a model of application-to-database behaviour. As a result of
the SynoptiQ Engine’s deep understanding of the SQL language its
Semantic Clustering groups together statements of similar intent
for a concise, yet extremely granular, Intent-Based Model that
shows exactly how data is being accessed.
Differential Auditing for Compliance
Simply logging database access is often impractical because of the
sheer volume of logs generated. Secerno DataStream offers a new
approach to compliance auditing. Uniquely, the solution supports
differential (selection) auditing of data access which enables a
baseline of compliant activity to be easily created. Thereafter, this
customer baseline can be simply and easily compared with new
activity – highlighting only changes to this baseline.
Differential auditing from Secerno significantly reduces the
resources required to process audit trails, since only exceptions – Figure 1: Sample Compliance Reports
possible non-compliant activity – need then to be audited.
Secerno.SQL Agile – Data Stream Analysis www.secerno.com