There is a recent trend, over the last couple of years, where vendors such as Imperva and Guardium, and now NitroSecurity have been tapping into database monitoring to bring advanced database security to organizations.
- Imperva and ArcSight enjoy interoperability
- Guardium integrates with not only ArcSight but also additional SIMs (security information management vendors) such as CA and LogLogic.
- NitroSecurity has now joined this crowd by acquiring RippleTechadding DAM (database activity monitoring) and log management tools and announcing just days ago that NitroView DBM and NitroView ESM have been fully integrated.
DAM & SIM/SIEM, together, are a perfect fit as it enables companies to centralize the monitoring and policy implementation. Said Frank Hayes, vice president of marketing at NitroSecurity, "By analysing database activity in a SIEM that also analyses your application logs, you can bridge the gap to determine who really did what. That's only one example
another would be to determine the impact of other detected events: your SIEM detects that multiple bad log-ins occurred, followed by a successful log-in, followed by an IPS alert indicating a SQL backdoor exploit occurred".