A core component of a database security strategy which reliably protects an organization’s sensitive information and ensures continuous compliance, is having a means of answering three simple questions: What? When? Who?
Clear visibility into the nature of each and every database transaction– knowing what happened, when it happened and who made it happen– means being able to better identify malicious or unauthorized activities, fine-tune access policies and privileges, and be better prepared for regulatory compliance audits with more detailed activity logs.
In an effort to help the many organizations managing MySQL databases build better database security strategies, McAfee has developed and released a free, open-source audit plug-in that allows them to capture detailed MySQL database activity information.
The activity information captured by the plug-in is the same information that the McAfee Database Activity Monitoring (DAM) sensor will subject to real-time threat analysis and policy enforcement as part of a complete database security solution.
If you’re interested in detailed MySQL database activity auditing, you can download the plug-in directly from the McAfee website. Also worth checking out is a short video in which myself and Slavik Markovich demonstrate how hacks and attacks on a Web application sitting on top of a MySQL database can be prevented with McAfee Database Security.