Sentrigo Announces New Technique to Combat Zero-Day SQL Injection Attacks on Databases
November 19, 2007[From Sentrigo, Inc.]
WOBURN, Mass.November 19, 2007Sentrigo, Inc., today announced that it has added patent pending functionality to its Hedgehog software to address SQL injection in database built-in packages, often used for privilege escalation. The database hacking technique can be used in a variety of ways, many of which are particularly difficult to detect. Hedgehog, which directly monitors the databases memory, is the first product to examine the context from which the SQL statements originate, the types of commands used and the database access privileges of the user. In this manner, Hedgehog is able to identify SQL injections that are missed by tools that only track signatures of known injections.
The article continues at http://www.sentrigo.com/press_releases-newsid-34.htm