Dynamicode Company Limited



Database Security

McAfee's database security solution offers real-time, reliable protection for business-critical databases from external, internal, and intra-database threats, and requires no architecture changes, costly hardware, or database downtime. Organizations of all sizes can gain complete visibility into their overall database landscape and corresponding security posture, fully align their security policy administration practices, and efficiently maintain regulatory compliance. The solution is completely integrated with McAfee ePolicy Orchestrator (McAfee ePO) software and provides single pane manageability for database security and other security solutions.

  • McAfee Vulnerability Manager for Databases

    Know the exact location and vulnerability level of all your databases. McAfee Vulnerability Manager for Databases gives you complete visibility into your overall database security posture, providing you with a detailed risk assessment across more than 4,700 vulnerability checks. Get clear classification of database security threats into distinct priority levels, fix scripts, and expert remediation recommendations that better prepare your organization for audits and compliance with regulatory mandates.

    Feature & Benefits:

    Get unparalleled visibility into database security posture
    Know exactly where risks are and how to minimize the likelihood of a breach by automatically discovering databases on the network, and conducting more than 4,700 checks for vulnerabilities.

    Save time and money by reducing the need for external database security consultants
    Get recommendations for remediation for the most high-priority vulnerabilities, in many cases augmented with fix scripts you can run to address any issues.

    Gain access to more than 4,700 security verifications
    Get comprehensive and up-to-date checks of the most popular database platforms reporting on meaningful criteria such as version/patch level, changed objects, modified privileges, and forensic traces from common hacker tools.

    Discover databases and sensitive tables automatically
    Find databases by scanning the network or by importing from existing tools, and identify tables containing restricted information based on preset patterns.

    Check passwords quickly and efficiently
    Use a variety of techniques to detect weak passwords and shared passwords, including hashed passwords (SHA-1, MD5, and DES), by downloading data for local analysis to avoid affecting database performance.

    Get out-of-the-box regulatory compliance reports and custom reporting
    View reports for PCI DSS and other regulations, as well as specific reports for various stakeholders such as database administrators (DBAs), developers, and InfoSec users.

    Get recommendations and fix scripts for high-priority items
    Organize items by priority and provide actionable recommendations for remediation based on input from leading security researchers.

    Integrated directly with McAfee ePolicy Orchestrator (ePO)
    McAfee Vulnerability Manager for Databases is directly managed with the ePO platform, providing centralized reporting and summary information for thousands of databases from a single, consistent dashboard.

  • McAfee Database Activity Monitoring

    Boost your overall database security with reliable, real-time protection against external and internal threats across physical, virtual, and cloud environments. McAfee's activity monitoring sensors require no costly hardware or changes to your existing system architecture, giving you an easy-to-deploy, highly scalable database security solution. The sensors immediately detect any kind of unauthorized or malicious behavior and terminate it without significant impact to overall system performance. McAfee Database Activity Monitoring greatly simplifies your database security management and helps ensure compliance with PCI DSS, SOX, HIPAA/HITECH, SAS 70, and many other types of regulations.

    Feature & Benefits:

    Get maximum protection for sensitive data, meet compliance requirements, and reduce exposure to costly breaches
    Demonstrate compliance and minimize the likelihood of a breach by monitoring threats to databases from all sources, including network/application users, local privileged accounts, and sophisticated attacks from within the database itself.

    Save time and money with faster deployment and a more efficient architecture
    Simplify the process of building custom security policies to audit and protect databases with preconfigured rules and templates.

    Minimize risk and liability by identifying attacks as they occur, and stopping them before they cause damage
    Stop breaches by terminating suspicious sessions and quarantining malicious users with real-time monitoring and intrusion prevention for Oracle, Microsoft SQL Server, and Sybase databases.

    Increase your flexibility by deploying McAfee Database Activity Monitoring on the IT infrastructure of your choice
    Install sensors on physical servers, provision sensors along with the database on virtual machines, and deploy sensors remotely on cloud servers.

    Discover databases automatically and organize them for monitoring and management
    Find databases by scanning the network or by importing them from existing tools, and then group them by vendor, version, or custom tags (for example, HR, finance, or QA).

    Get out-of-the-box protection for known vulnerabilities and common threats
    Receive more than 380 predefined rules that address specific issues patched by the database vendors, as well as generic attack profiles.

    Leverage templates for compliance regulations
    Use a simple, step-by-step interface for building customized security policies for PCI DSS, SOX, HIPAA, GLBA, and SAS-70, as well as best practices based on experience at hundreds of customer sites.

    Receive granular protection of sensitive data at the object level, regardless of the source of the attack
    Evaluate process memory to determine execution plan and affected objects, identifying policy violation even from local users or obfuscated code.

    Get full auditing for MySQL databases for free
    Bring enterprise-level database security to the MySQL open-source database management system and collect full audit-trail information from the database.

    Ease management difficulties through integration with McAfee ePolicy Orchestrator (McAfee ePO)
    McAfee Database Activity Monitoring integrates with the McAfee ePO software to provide a single pane, unified management platform for database security and other solutions.

  • McAfee Virtual Patching for Databases

    Ensure up-to-date database security and compliance without the business disruption of database downtime. With McAfee Virtual Patching for Databases, your organization can secure protection from the latest database security threats and efficiently maintain compliance if a vendor-released patch that deals with a known vulnerability has yet to be installed, or even if the database is no longer supported by the vendor.

    Feature & Benefits:

    Protect sensitive databases between the release and installation of vendor patches
    Safeguard databases with virtual patches. McAfee host-based software uses a small, nonintrusive sensor on each database server to detect and prevent attempted exploits of vulnerabilities.

    Get ongoing updates to defend against exploits
    Trust continuous research of the evolving threat landscape to provide timely patch updates that keep organizations protected despite the changing nature of attack vectors.

    Facilitate compliance by keeping systems up to date
    Meet compliance standards, including PCI DSS, HIPAA, SOX, and other corporate governance rules.

    Secure your databases with an easy-to-implement solution
    Save time with less frequent patches, reducing the effort required for application regression testing and physical patch installation.

    Simplify managing database security through integration with McAfee ePolicy Orchestrator (McAfee ePO)
    McAfee Virtual Patching for Databases is integrated with the ePO software to provide a single pane, unified management platform for database security and other solutions.