Database Security Service Video

Database Security Service (DBSS) is a smart database protection service. With the reverse proxy and machine learning technologies, the service is able to provide such functions as sensitive data discovery, data masking, database auditing, and injection prevention.

< >

Characteristic Function

Automatic Threat Identification

Enables security policy rules to be automatically generated or user-defined. The firewall automatically identifies changes in service behavior as a threat and rejects the service request.

High-Risk Behavior Monitoring

Lets users define rules to monitor databases for high-risk activity (based on query, table, or stored procedure). Audit reports present this monitoring by pre-event, post-event, common user, and administrator.

Database Security Protection

Allows you to apply for a database security instance in one click for database monitoring (SQL Server, MySQL, and PostgreSQL), for better security on the cloud.

Dynamic Data Discovery and Masking

Locates and categorizes sensitive data by rule, creates data masking and audit rules, and masks the detected data in real time. This protects sensitive user data from exposure and complies with the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes–Oxley Act (SOX), and Payment Card Industry Data Security Standard (PCI DSS) II.

Intelligent Database Security Monitoring

Presents the real-time monitoring status of firewalls, SQL injection, audit, and data masking.

Advantages

Easy to Use

DBSS can be purchased with one click, and its software nodes are automatically deployed. In addition, it is easy to operate and does not require changing database configurations.

Smart

DBSS supports fine-grained rights control and configurations. It uses a mechanism based on feature identification and scoring to prevent mis-reporting.

Regulation-Compliant

DBSS complies with the HIPAA, SOX, and PCI DSS II. To meet auditing requirements, it supports sensitive data discovery, dynamic data masking, and remote audit log storage.

Reliable

DBSS supports active-passive disaster recovery to ensure service continuity and availability.

Application Scenarios

  • Attack Prevention

  • Data Masking

  • Auditing

Attack Prevention

Attack Prevention

Various policies are provided to prevent database attacks.

Advantages

  • End-to-End Database Firewall

    Depending on the risk of your database, the intrusion detection or defense system can be enabled. In addition, DBSS provides capabilities such as SQL injection prevention and access control.

  • Multi-dimensional Security Policies

    DBSS provides security policies that are based on query groups, tables, or stored Quick Configurations.

  • Self-Learning

    DBSS instances can learn by themselves. After each user-defined "learning session", they generate security policies that can be accepted or rejected.

Related Services

EIP

ECS

VPC

Data Masking

Data Masking

DBSS can discover and dynamically mask sensitive data in your database.

Advantages

  • Regulation Compliance

    The ability to discover sensitive data helps you comply with industrial regulations.

  • Multiple Masking Rules

    DBSS provides a wide variety of masking rules. Data can be masked in specific tables or against queries from specific IP addresses, users, or applications.

  • Powerful

    With a precise masking engine, DBSS masks sensitive data in real time without compromising service performance. Masked data will not be changed in storage.

Related Services

EIP

ECS

VPC

Auditing

Auditing

DBSS provides database auditing capabilities.

Advantages

  • Regulation Compliance

    Audit logs are saved remotely, as required by regulations.

  • Multi-dimensional Auditing

    DBSS tailors audit reports for pre-event analysts, post-event analysts, common users, and administrators.

  • Anomaly Monitoring

    DBSS monitors anomalies in performance, data, and actions.

Related Services

EIP

ECS

VPC

Functions

Database Attack Prevention

Multiple policies prevent database attacks and ensure database security on the cloud.

  • Database firewalls can defend databases against SQL injection and other attacks, including attack detection, alarming, and real-time intrusion prevention.

  • DBSS automatically generates security rules based on its self-learning mode.

  • DBSS provides fine-grained control over database access by internal personnel, complying with the minimum permission access rule.

  • You can create security policies based on query groups, tables, or stored Quick Configurations.

Sensitive Data Discovery and Dynamic Masking

DBSS locates and dynamically masks sensitive data.

  • DBSS complies with security regulations.

  • Locates and categorizes sensitive data based on rules automatically and allows you to create masking or auditing rules easily.

  • Dynamically masks sensitive data, removing your worries about information exposure.

  • Dynamically masks sensitive data using a proxy, without affecting the raw service data.

Database Auditing

Monitors database access activities, sends alarms for unauthorized activities, and provides a compliance report.

  • DBSS monitors management and access activities at the column level.

  • Advanced activity monitoring includes the front and rear views of sensitive database tables and columns. It can independently monitor and analyze database activities and generate alarms for unauthorized activities.

  • DBSS has a built-in knowledge base about regulation compliance (PCI-DSS, HIPAA, and SOX) and generates compliance audit reports.

Video Tutorials

How to apply for instances of the Database Security Service

more>