McAfee Offers Free MySQL Security Tool
McAfee’s open source security audit plug-in for MySQL s aimed at cloud deployments and businesses
McAfee has released a free tool that captures detailed activity audits from MySQL databases in order to help meet audit requirements.
The open source audit plugin, aimed at both smaller businesses and enterprises, is intended to be coupled with McAfee’s Database Activity Monitoring sensor for MySQL, the company said. McAfee acquired its database security products last year with the purchase of Sentrigo, a former McAfee partner.
Enterprise-grade security
The tool can help companies create enterprise-level database security around their MySQL databases, according to McAfee.
“When coupled with the McAfee Database Activity Monitoring sensor for MySQL, the data is subject to the same real-time analysis and policy enforcement as the data collected from other supported databases,” said McAfee vice president of database security product management Dan Sarel, in a statement.
The software-only tool provides visibility into all the databases in a company’s environment and requires no changes to the existing database and network architecture.
McAfee said the tool’s scalability and ease of use makes it it is particularly suited to monitoring databases in the cloud. The plug-in supports databases including Oracle, Sybase, MS-SQL and DB2, according to McAfee.
High-profile attacks
Attacks on SQL databases are having increasingly visible consequences, with last year’s high-profile attacks on Sony and T-Mobile believed to have been carried out via SQL vulnerabilities.
McAfee’s database product line includes McAfee Vulnerability Manager for Databases, the McAfee Database Activity Monitoring and the McAfee Integrity Monitoring for Databases.
Last year McAfee announced a network security framework designed to provide network administrators with intrusion prevention systems that provide context, content and application awareness. The network security framework integrates intrusion prevention systems with advanced features such as application visibility and integrated threat context. Based on Network Security Platform 7 for network intrusion prevention system, it is focused on helping enterprises prevent increasingly sophisticated attacks on their networks, according to the company.
Are you a patent expert? Take our quiz!