"When I talk to clients about protecting databases, one of their concerns is that there's never just one type - that is, they have databases from multiple vendors that need protection...Having a database activity monitoring and auditing solution that supports it is a welcome addition for companies seeking to strengthen data security and improve compliance."
Trent Henry, vice president and research director, Burton Group
Next steps
Request a demo
Contact me
Sales
+1 (781) 935-2867
OR +44 (0)2076 499959
Download Now
Real-Time Database Protection
Hedgehog is an affordable host-based software solution for real-time database protection, monitoring, auditing and breach prevention. Unlike other solutions, Hedgehog can be deployed across thousand of databases in days - not months.
It is currently available for Oracle, MS SQL Server and Sybase databases on Windows, Linux and Unix platforms (see system requirements for details).
Downloadable and Easy to Install
Hedgehog is a software-only product and can be downloaded from this website and installed with ease. It comprises a server application with a Web-based management console, and unique, light-weight sensors that are installed on the host machines of the databases that require monitoring. Using a wizard-style process, it takes literally minutes to set up.
Unprecedented Granularity
Using patent-pending technology, Hedgehog monitors in real time all database transactions, included those generated from stored procedures, triggers, views, obfuscated and encrypted data. Based on highly flexible rules and a previously unavailable level of granularity, it generates alerts and prevents suspicious activity.
Virtual Patching = Immediate Database Protection
When it comes to applying security patches originated by the RDBMS vendor we know that while regular patching is part of meeting IT standards and internal policies, companies are leaving databases un-patched for months or even years. This leaves critical databases vulnerable to attacks, resulting in data theft, privacy breaches and non-compliance.
Virtual patching is the perfect way to protect the database against exploits without actually patching the DBMS kernel. This creates a security layer around the database that, unlike vendor patching, does not require downtime or application testing, ending patching headaches faced by so many DBAs. Deploying Hedgehog vPatch as a stop-gap until it is possible to install the vendor patches, allows organizations meet their internal IT standards, and successfully pass internal as well as external IT audits.
Hedgehog comes with a set of predefined rules that instantly provide defense against numerous attack vectors, including:
• SQL injection
• Privilege escalation
• DBMS-specific exploits
The Sentrigo Red Team is constantly updating this list, with updates being automatically distributed to Hedgehog users.
Uninterrupted Database Operations
Hedgehog does not significantly impact database performance (typical CPU usage of less than 5% of a single CPU, depending on environmental variables), and allows daily operations to continue uninterrupted, even in highly transactional systems.
Unlike previously available host-based solutions, Hedgehog does not need DBMS audit logs, nor does it act as a gateway or create I/O bottlenecks. Authorized users can continue going about their business with the reassurance that their legitimate actions remain uninterrupted.
Enforcement of Security Policies
Hedgehog helps organizations ensure that security policies are implemented, improving database protection. In addition to detecting and preventing unauthorized use, it:
- Maintains separation of duties
- Supports IT governance
- Facilitates forensics and auditing
- Provides an additional layer of defense for sensitive data