Nov 09, 2005
Insight Technology Inc
Information Breach Monitoring System PISO
Announcing the next version's new function 'Vulnerability Monitor'
Insight Technology Inc. (located at 2-1-52 Chigasaki, Chigasaki-shi, Kanagawa-ken, Japan; CEO: Ichiro Obata; hereafter called Insight Technology) announced a new function called 'Vulnerability Monitor', which will be launched in the next version of the information breach monitoring system PISO.
The 'Vulnerability Monitor' launched in the next version of PISO will analyze vulnerabilities in the database. It not only classifies, detects and evaluates the vulnerabilities in the categories 'authentication', 'authority' and 'system security', but also leads to the actions that lower the risks. Using the 'Vulnerability Monitor' with a process that matches the PDCA cycle, an enterprise will be able to reinforce its internal control.
PISO with the 'Vulnerability Monitor' is expected to be released within the year.
About the PISO Vulnerability Monitor
The current status of vulnerability measures
Existing database security products evaluate vulnerabilities and report on them in order to reduce the possibility of an information breach. However, from a risk management perspective, evaluating vulnerabilities alone is not a sufficient security measure. Detecting a vulnerability only clarifies which defects exist in the database; the vulnerabilities and defects themselves remain. Further, even for problems whose risk should be reduced immediately, we find that correcting the problem in practice takes time. As a result, a vulnerability evaluation report is NOT equal to 'reducing the possibility of an information breach'.
The main objective of risk management is to remove the 'vulnerabilities' and 'defects' that cause information breaches and to make the information in the database safer and more secure, thereby mitigating the risk of an information breach. Hence, both vulnerability evaluation and risk mitigation action are required. In other words, 'there is no mitigation of the risk of information breach if there is no risk mitigation action'.
Database vulnerabilities can eventually lead to an information breach. Basically they arise from misconfiguration or from incomplete administration of authentication and authority. That is to say, they stem from access control not having been implemented accurately.
Example)
- The default password is being used (Authentication problem)
- The user has been granted with the authority more than required (Authority problem)
- External access is available (System security problem)
Solution via the PDCA cycle
Vulnerability Monitor provides a solution that supports the reinforcement of internal control via a process which matches the thought process of the PDCA cycle. Further, since the risks are classified as authentication, authority and system security, the security officer can quickly identify which category a risk falls into.
- Planning Phase
- Based on the vulnerability evaluation, the following points are clarified:
Objective: Why is the risk level high and why is amendment required?
Target: Which item is it (Authentication? Authority? System security?)
Priority: What needs to be corrected first?
- The risk is thoroughly analyzed and the order of priority is determined based on the results of the evaluation.
- Execution Phase
- If it is a risk that needs to be remedied immediately, or one that can be corrected, the Security DBA can fix the problem quickly using the required process.
- Since the revised contents are saved and managed automatically, the reinforcement of internal control that functions as an integral part of risk management is also supported.
- Evaluation Phase
- The security risk is re-evaluated and there is a subsequent clarification of the requirement for avoiding/rectifying the risks.
- Improvement Phase
- Understand the security risk and navigate from further improvements or a revised plan to the implementation of the function based on the requirements.
Main Functions of Vulnerability Monitor
- Authentication Related
[Monitoring Items]
- Default password check
- Check settings related to the password restrictions
Example) when there is no setting for the number of unsuccessful login attempts
[Mitigation of risk]
- Change password
- Set restraints on the password
- Authority Related
[Monitoring Items]
- DBA authority grantee check
- ANY authority grantee check
- Check authority granted with the ADMIN_OPTION
- Check granted authorities which could potentially be risky
Example) the grantee can act as other users (BECOME USER) etc.
[Risk Mitigation Details]
- Delete unnecessary authority
- System security
[Monitoring Items]
- Check initialization parameters which could cause risks
Example) whether the DB link password has been encrypted (DBLINK_ENCRYPT_LOGIN)
- Check settings pertaining to resource restrictions
Example) restrict the connection time of the session (CONNECT_TIME) etc.
[Mitigation of risks]
- Modifying initialization parameters
- Setting resource restrictions
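The monitoring items above correspond to conditions a DBA can read directly from the Oracle data dictionary. The following queries are an added example written for this page, not code from Insight Technology or from PISO; they assume a session with DBA privileges and the standard Oracle views DBA_USERS, DBA_PROFILES, DBA_ROLE_PRIVS, DBA_SYS_PRIVS and V$PARAMETER. DBA_USERS_WITH_DEFPWD is assumed to be available only on Oracle 11g and later, and the DBLINK_ENCRYPT_LOGIN parameter only on releases where it still exists. The mitigation statements at the end use placeholder names and are meant to be run only after the findings have been reviewed.

```sql
-- Added example (not PISO's code): data-dictionary checks that approximate the
-- three Vulnerability Monitor categories, each paired with its mitigation.

-- [Authentication] Default password check.
-- Assumption: DBA_USERS_WITH_DEFPWD exists from Oracle 11g onward.
SELECT d.username
FROM   dba_users_with_defpwd d
JOIN   dba_users u ON u.username = d.username
WHERE  u.account_status = 'OPEN';

-- [Authentication] Profiles whose effective FAILED_LOGIN_ATTEMPTS is UNLIMITED
-- (either set explicitly, or inherited from the DEFAULT profile).
SELECT p.profile, p.limit
FROM   dba_profiles p
WHERE  p.resource_name = 'FAILED_LOGIN_ATTEMPTS'
AND   (p.limit = 'UNLIMITED'
   OR (p.limit = 'DEFAULT' AND EXISTS (
         SELECT 1
         FROM   dba_profiles d
         WHERE  d.profile       = 'DEFAULT'
         AND    d.resource_name = 'FAILED_LOGIN_ATTEMPTS'
         AND    d.limit         = 'UNLIMITED')));

-- [Authority] DBA role grantees, and whether they can pass the role on.
SELECT grantee, admin_option
FROM   dba_role_privs
WHERE  granted_role = 'DBA';

-- [Authority] ANY privileges and any privilege granted WITH ADMIN OPTION.
SELECT grantee, privilege, admin_option
FROM   dba_sys_privs
WHERE  privilege LIKE '%ANY%'
OR     admin_option = 'YES'
ORDER  BY grantee, privilege;

-- [Authority] BECOME USER lets the grantee operate as another user.
SELECT grantee
FROM   dba_sys_privs
WHERE  privilege = 'BECOME USER';

-- [System security] Risky initialization parameters.
-- Assumption: the row for dblink_encrypt_login is absent on releases that
-- removed the parameter; remote_os_authent is a second well-known example.
SELECT name, value
FROM   v$parameter
WHERE  name IN ('dblink_encrypt_login', 'remote_os_authent');

-- [System security] Profiles with no CONNECT_TIME limit on sessions.
SELECT profile, limit
FROM   dba_profiles
WHERE  resource_name = 'CONNECT_TIME'
AND    limit = 'UNLIMITED';

-- Mitigation steps for the findings above (placeholder names; run after review).
ALTER USER some_default_pwd_user PASSWORD EXPIRE;          -- force a new password
ALTER PROFILE default LIMIT
      FAILED_LOGIN_ATTEMPTS 10
      CONNECT_TIME          480;                           -- minutes
REVOKE BECOME USER FROM some_over_privileged_user;         -- delete unnecessary authority
```

Note that CONNECT_TIME and the other kernel resource limits in a profile are only enforced when the RESOURCE_LIMIT initialization parameter is TRUE, so a "Setting resource restrictions" step should verify that parameter as well; password limits such as FAILED_LOGIN_ATTEMPTS are enforced regardless.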
As we are still investigating additions and modifications to the monitoring categories and monitoring items, they could change in the future.
Vulnerability Monitor = Vulnerability Evaluation + Risk Mitigation
A mere evaluation of vulnerabilities is inadequate for tackling information breaches. The Vulnerability Monitor provides a database risk management solution: risks are detected through the vulnerability evaluation, prioritized appropriately, and then guided quickly into the matching mitigation process. In other words, by following the vulnerability evaluation with a speedy risk mitigation action, it becomes possible to turn the entire database environment, holding everything from private to financial data, into a safer and more secure one.
About 'PISO'
PISO is a database security tool which audits transactions in order to monitor for illegal or unnecessary data access arising from internal and external attacks such as SQL injection.
- All access to critical data is collected from memory directly with minimum performance penalty and stored in the dedicated server.
- PISO provides real-time monitoring, detection, and alert notification.
- PISO provides the mining search to help forensic analysis.
About Insight Technology
Insight Technology, Inc. is a professional group of Oracle database experts who have accumulated extensive experience in performance management, tuning, administration, and database design for worldwide enterprises. We offer products and services which meet clients' needs by blending several main factors: Oracle, Security, Products, Service, and Consultation.
