DB Networks

Last updated
DB Networks
Industry Technology, Information Security
Founded2009
Headquarters San Diego, California
Key people
Brett Helm
Chairman and CEO
Steve Hunt
President and COO
ProductsDatabase Security
Website http://www.dbnetworks.com

DB Networks is a privately held Information Security company founded in the United States The company is headquartered in San Diego, California, and its regional offices are located in Palo Alto, California and Seattle, Washington. [1]

Contents

In May 2018, DB Networks announced that it will change its company name to DB CyberTech. [2]

History

DB Networks was founded in United States in 2009 to provide database security including database infrastructure assessment, compromised credential identification, and SQL injection defense, predominantly to the financial services industry and federal government. The company was initially financed by Angel investors. In 2012 the company raised $4.5M in venture capital from Khosla Ventures. [3] [4] In 2014 the company closed a $17 Million round of funding led by Khosla Ventures and Grotech Ventures. [5]

The company's first product, the ADF-4200, was launched in February 2013. [6] Also in February 2013 the company announced a partnership with Alamo City Engineering Services (ACES) to offer its products to the US Military and civilian federal agencies. [7] In October 2013 the company announced the IDS-6300, later renamed DBN-6300, originally as a SQL injection defense and database infrastructure security product.

In 2013 DB Networks was invited to join the Cync cybersecurity technology program under the direction of Northrop Grumman and the University of Maryland, Baltimore County Research Park Corporation. The Cync program identifies innovative technologies to combat cybersecurity threats. [8]

In 2014 AMP Tech Solutions was announced as a channel partner to offer DB Network products through the NASA Solutions for Enterprise-Wide Procurement (SEWP) IV contract to the United States federal agencies. [1]

In 2015 DB Networks was awarded two United States patents for their database security technologies.[ citation needed ]

DB Networks began licensing their database security software and technologies to original equipment manufacturers (OEMs) in February 2016 coinciding with the launch of their Layer 7 Database Sensor. [9] Partnerships have been announced with FireEye, [10] Cyphort, and Security On-Demand. [11]

Technology

DB Networks database security technology is based on machine learning and behavioral analysis as opposed to the traditional information security approach requiring human generated blacklists or whitelists. [12] The machine learning and behavioral analysis platform learns each applications' proper SQL transaction behavior. Compromised credentials and rogue SQL statements, such as a SQL injection attack, will deviate from the established model and will raise an alarm as a database attack. [6] [13] Machine learning and behavioral analysis technologies have the ability to prevent advanced and zero-day database attacks without prior threat intelligence or the need to establish and maintain signature files of known attack strings. [14]

Products

DB Networks DBN-6300 was announced in October 2013 (originally referred to as the IDS-6300). The DBN-6300 is a 2U purpose-built database security appliance. It uses machine learning and behavioral analysis to identify database attacks in real-time. [12] [15] A virtual appliance version of the DBN-6300 was launched in February 2014, now referred to as the DBN-6300v. [16]

The Layer 7 Database Sensor was launched in February 2016. The Layer 7 Database Sensor enables other information security product manufactures to integrate DB Networks database security technology into their products. [9]

In March 2016, "insider threat" protection capabilities were added to the DBN-6300 and Layer 7 Database Sensor products. [17]

See also

Related Research Articles

An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically either reported to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms.

Internet Security Systems, Inc., often known simply as ISS or ISSX, was a provider of security software and managed security services. It provided software and services for computers, servers, networks, and remote locations that involve preemptive security against threats before they affect a business. Founded in 1994, the company was acquired by IBM in 2006.

Oracle Database is a proprietary multi-model database management system produced and marketed by Oracle Corporation.

MySQL AB was a Swedish software company founded in 1995. It was acquired by Sun Microsystems in 2008, Sun was in turn acquired by Oracle Corporation in 2010. MySQL AB is the creator of MySQL, a relational database management system, as well as related products such as MySQL Cluster. The company was dually headquartered in Uppsala, Sweden, and Cupertino, California, with offices in other countries.

<span class="mw-page-title-main">SQL injection</span> Computer hacking technique

In computing, SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution. SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

<span class="mw-page-title-main">Trend Micro</span> Japanese multinational cyber security company

Trend Micro Inc. is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, & cloud computing environments, networks, and end points. Its cloud and virtualization security products provide automated security for customers of VMware, Amazon AWS, Microsoft Azure, and Google Cloud Platform.

Cisco Security Agent (CSA) was an endpoint intrusion prevention system software made originally by Okena, which was bought by Cisco Systems in 2003.

An embedded database system is a database management system (DBMS) which is tightly integrated with an application software; it is embedded in the application. It is a broad technology category that includes:

Database activity monitoring is a database security technology for monitoring and analyzing database activity. DAM may combine data from network-based monitoring and native audit information to provide a comprehensive picture of database activity. The data gathered by DAM is used to analyze and report on database activity, support breach investigations, and alert on anomalies. DAM is typically performed continuously and in real-time.

Schooner Information Technology, Inc. provided database management system appliances for Web 2.0, cloud computing and data centers. It was headquartered in Sunnyvale, California, and acquired by SanDisk in 2012.

<span class="mw-page-title-main">OrientDB</span>

OrientDB is an open source NoSQL database management system written in Java. It is a Multi-model database, supporting graph, document and object models, the relationships are managed as in graph databases with direct connections between records. It supports schema-less, schema-full and schema-mixed modes. It has a strong security profiling system based on users and roles and supports querying with Gremlin along with SQL extended for graph traversal. OrientDB uses several indexing mechanisms based on B-tree and Extendible hashing, the last one is known as "hash index". Each record has Surrogate key which indicates the position of the record on disk. Links between records (edges) are stored either as the record's position stored directly inside of the referrer or as B-tree of record positions, that serves as a container of RIDs, which allows fast traversal of one-to-many relationships and fast addition/removal of new links. OrientDB is the 6th most popular graph database according to the DB-Engines graph database ranking, as of January 2024.

Clustrix, Inc. is a San Francisco-based private company founded in 2006 that developed a database management system marketed as NewSQL.

Imperva Incapsula is an American cloud-based application delivery platform. It uses a global content delivery network to provide web application security, DDoS mitigation, content caching, application delivery, load balancing and failover services.

<span class="mw-page-title-main">Sqrrl</span> Cyber security company

Sqrrl Data, Inc. is an American company founded in 2012 that markets software for big data analytics and cyber security. The company has roots in the United States Intelligence Community and National Security Agency. Sqrrl was involved in the creation of, and actively contributes to Apache Accumulo and other related Apache projects. Sqrrl’s primary product is its threat hunting platform, designed for active detection of advanced persistent threats.

<span class="mw-page-title-main">NuoDB</span>

NuoDB is a cloud-native distributed SQL database company based in Cambridge, Massachusetts. Founded in 2008 and incorporated in 2010, NuoDB technology has been used by Dassault Systèmes, as well as FinTech and financial industry entities including UAE Exchange, Temenos, and Santander Bank.

Google Cloud Platform (GCP), offered by Google, is a suite of cloud computing services that provides a series of modular cloud services including computing, data storage, data analytics, and machine learning, alongside a set of management tools. It runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search, Gmail, and Google Docs, according to Verma, et.al. Registration requires a credit card or bank account details.

Vectra AI, Inc. is a cybersecurity company that uses AI for hybrid attack detection, investigation, and response (NDR) solutions. The company was established in 2012 and operates in 113 countries from its San Jose, California headquarters.

<span class="mw-page-title-main">Salvatore J. Stolfo</span> American computer scientist

Salvatore J. Stolfo is an academic and professor of computer science at Columbia University, specializing in computer security.

Data center security is the set of policies, precautions and practices adopted at a data center to avoid unauthorized access and manipulation of its resources. The data center houses the enterprise applications and data, hence why providing a proper security system is critical. Denial of service (DoS), theft of confidential information, data alteration, and data loss are some of the common security problems afflicting data center environments.

Wiz is a cloud security startup headquartered in New York City. The company was founded in January 2020 by Assaf Rappaport, Yinon Costica, Roy Reznik, and Ami Luttwak, all of whom previously founded Adallom. Rappaport is CEO, Costica is VP of Product, Reznik is VP of Engineering, and Luttwak is CTO. The company's platform analyzes computing infrastructure hosted in AWS, Azure, GCP, OCI, and Kubernetes for combinations of risk factors that could allow malicious actors to gain control of cloud resources and/or exfiltrate valuable data.

References

  1. 1 2 "Bloomberg Businessweek - DB Networks, Inc". Archived from the original on January 6, 2015. Retrieved 2013-02-18.
  2. "DB Networks Announces Company Name Change". San Diego Business Journal. 15 May 2018. Retrieved 2020-04-15.
  3. "Khosla Ventures Leads $4.5 Million in Funding for DB Networks" . Retrieved 2013-03-15.
  4. "DB Networks Raises $4.5M From Khosla Ventures For Database Security To Protect Against Malware". 29 January 2013. Retrieved 2013-03-15.
  5. "Database Security Firm DB Networks Raises $17 Million". 2014-12-09. Retrieved 2016-03-31.
  6. 1 2 "What's basically wrong with the approach most security solution providers are taking". Archived from the original on 2013-06-02. Retrieved 2013-02-18.
  7. "DB Networks Partners with ACES to Deliver Adaptive Database Firewall" . Retrieved 2013-03-16.
  8. "UPI - Cyber-tech effort adds more companies" . Retrieved 2013-03-16.
  9. 1 2 "DB Networks Unveils Layer 7 Database Security for OEMs". 2016-08-07. Retrieved 2016-03-31.
  10. "Cyber Security Coalition (CSC)". Archived from the original on 2016-03-23. Retrieved 2016-03-31.
  11. "DB Networks partners with Cyphort and Security On-Demand". 2016-02-26. Retrieved 2016-03-31.
  12. 1 2 "DB Networks Appliance Applies Machine Learning to Thwart Hackers". 2015-08-07. Retrieved 2016-03-31.[ permanent dead link ]
  13. "DB Networks Brings Intelligence to SQL Injection Protection". 2014-01-27. Archived from the original on 2014-03-30. Retrieved 2014-04-22.
  14. Dolgikh, Andrey; Nykodym, Tomas; Skormin, Victor; Birnbaum, Zachary (2012). "Using Behavioral Modeling and Customized Normalcy Profiles as Protection against Targeted Cyber-Attacks". Computer Network Security. Lecture Notes in Computer Science. Vol. 7531. pp. 191–202. doi:10.1007/978-3-642-33704-8_17. ISBN   978-3-642-33703-1.
  15. "DB Networks' new core IDS aims to stop SQL injection attacks". 2013-11-06. Retrieved 2014-04-22.
  16. "Behavioural analysis based intruder detection". 2014-03-05. Archived from the original on 2014-03-08. Retrieved 2014-04-22.
  17. "Insider threat protection with the DB Networks DBN-6300". 2016-02-16. Retrieved 2016-03-31.