Core Audit

Core Audit

Database & Application Security

Core Audit is a state-of-the-art database & application security solution. Capabilities include basic security, compliance auditing, security monitoring, and advanced preventive security.

Compliance & Security Auditing

Activity auditing is a cornerstone of modern security and as such is required by all compliance regulations and security frameworks. Visibility is the foundation of security and without it, you’re flying blind unaware of attacks, data breaches, compromised accounts, abuses of privilege, and more.

Product Capabilities

Full Capture – 100% visibility at less than 3% overhead

Capture technology is one of the most important aspects of an auditing solution. It determines the visibility you can achieve and the cost of that visibility in terms of performance impact. Capture technology is one of the most costly components of the solution and ultimately determines many of the features and capabilities of the product.

Visibility

Core Audit Full Capture can see 100% of the activity with almost no performance impact. It is specifically designed for every platform we support. In databases, for example, Full Capture can see all the network activity, local activity, encrypted activity, stored procedures, triggers, internal database activity, and everything else that runs in the database engine.

Overhead

Core Audit Full Capture has an extremely low-performance impact. That means that in order to achieve this visibility, Full Capture will take less than 3% CPU, very low network bandwidth, and no memory or I/O resources. Full Capture does not require turning on special auditing or debugging facilities as that would defeat the purpose of low overhead.

Compliance – Built-in value & reporting

Out of the box

Core Audit contains wizards that will guide you through most of the policies and reports you will need for compliance. This includes monitoring sessions, privileged users, monitoring changes, access to sensitive objects, and more. While flexible, every environment is unique and manual customization is sometimes needed to achieve the exact results you need.

Easy Reports & Alerts

The built-in reporting engine can generate both reports and alerts, has a built-in scheduler, supports multiple formats, emails, integration with external systems, custom actions, and more. Easily create new reports or customize existing ones generated by the wizards. Since every environment is unique and requirements change over time, ease of use is paramount.

Security – Forensics & Anomaly Analysis

Core Audit contains two independent repositories: the compliance repository and the security repository. The compliance repository records detailed information based on auditing policies. The security repository records aggregate level information giving you visibility into everything that ever happened in your system. The security repository ensures that whether or not you thought of recording it, you will always know what happened.

Forensics

Core Audit takes the concept of forensics to the next level. Traditionally, forensics is performed in response to security events. In Core Audit, Forensics can also be done proactively in order to assess the security needs, find possible intrusions, evaluate security practices, and gauge the effectiveness of controls. Forensics can, obviously, also be done in response to events and is not limited to information recorded by declarative auditing.

Anomaly Analysis

The Core Audit Anomaly Analysis engine compares and contrasts current activity with past activity to find unusual patterns and behaviors. This includes detection of SQL injection and other unusual application behaviors, new or unusual access to sensitive information, new users, programs, or machines, unusual activity levels, data extractions, times of day, and more. Anomaly detection can be customized to your environment and applied historically.

Snapshots & Preventive Security

Snapshots

Core Audit Level 1 contains multiple features. The more interesting of which is the ability to take metadata snapshots of users, privileges, objects, and more. Snapshots allow for baseline validation, the ability to detect changes in the metadata, and the capacity to compare metadata between similar systems.

Preventive Security

Preventative security aims to enhance the built-in database or application security by blocking activity. These include preventing administrators from accessing data, protecting sensitive accounts, enforcing separation of duties, applying limits, day & time restrictions, and more.

Business Value

Full Capture – Visibility, Overhead, and SLAs

Visibility & Overhead

The most significant technical challenge in auditing is the capture technology. Our unique Full Capture technology will allow you to gain visibility into everything that is happening in your systems without impacting the systems or the infrastructure.

Security & SLAs

Visibility is vital to security since without it you’re flying blind unaware of attacks or breaches. Minuscule overhead means that you can achieve your security objectives without impacting your SLAs. Gain the full power of Core Audit with no disruption.

Compliance – Easy to set up, customize, and maintain

Whether you need to comply with SOX, PCI, HIPAA, or any other requirement, Core Audit can help you do that quickly and efficiently.

Easy Compliance

One of the expected benefits of an auditing solution is to help with compliance. Core Audit wizards will allow you to quickly set up policies and reports that monitor the common threats you are required to control.

Customize & Maintain

Every environment is unique and customizing is sometimes inevitable. Core Audit will allow you to easily tune your policies and reports to meet the exact expectations of your auditors, as well as easily maintain those over time.

Security – The unknown & Anomaly detection

The Unknown

The unknown is one of the biggest challenges in security. You never know where an attack will come from or how it will materialize. Reducing the amount of time it takes you to become aware of an attack or a data breach is crucial to minimizing their impact.

Anomaly Detection

Unlike compliance that monitors known weak spots and expected attacks, Core Audit Anomaly Detection allows you to cover everything else. Core Audit will give you visibility into everything that happens as well as alert you of anomalous activity patterns.

TCO – Minimize cost & control the cost / value ratio

The total cost of ownership is a complex subject that involves direct costs, time investment, personnel, software, hardware, and more. Core Audit was designed to be extremely efficient and effective to provide you with the best results at minimal cost in every category.

Minimize TCO

Core Audit was designed and optimized to use minimal hardware resources and requires no additional software. The solution can be installed, configured, and maintained with minimal time investment thanks to intuitive wizards that do most of the heavy lifting. The product was designed not to require administrator involvement beyond the initial deployment which means that valuable and expensive personnel can be allocated to other business priorities.

Cost / Value Ratio

One of the challenges in managing any project and particularly security projects is controlling the time and cost investment relative to the derived value. Core Audit offers multiple security strategies each with an expected security value and cost. By following our best practices you will be able to define a particular mix of strategies that will allow you to achieve your security & compliance goals with an expected time and cost investment.