CYLOG DATA SKOPE, is a Database Event Audit and Access Monitoring product.
The main purpose of the CYLOG DATA SKOPE Database Audit product is to ensure that accesses and changes to critical database systems are as expected, planned, and desired. You can perform all these actions without turning on the audit feature within the database.
CYLOG DATA SKOPE database detects and classifies the events occurring in your systems and generates alarms and reports in that regard. It is a database audit product that lets you easily access the information on who has accessed sensitive data and what actions are performed at what intervals and informs the authorized people about the events based on the predefined alarm rules. With CYLOG DATASKOPE, you can carry out the following audits and create reports thereby:
· Login – It lets you track successful and failed login attempts made in the database. · Data Content Change – It enables the tracking of such commands as SELECT, UPDATE, DELETE, or EXEC. · Access Tracking – It allows for the tracking of who access sensitive information. · Database Administrator Control – It tracks such activities as user creation, deletion, etc. and allows you to take action. · Classified Control – It allows you to decide who can view the activities on the level of user, database, table, and command. · Reporting – It lets you obtain reports conforming to such standards as ISO27001, COBIT, PCI, and SOX.
It allows you to take quick action by tracking successful/failed login attempts to the database server and notifying password attempts in real-time. It detects from which IP address, machine name, and by whom the relevant login attempt is made and notifies you of malicious attempts that are about to be made within your systems.
Data Content Change
With CYLOG DATASKOPE, you will be notified when changes are made in the database. However, it is also quite important to be able to track what has changed. For example, it should be possible to track (SELECT, UPDATE, DELETE, EXEC, etc.) and report the changes made in the tables within a database.
As long as these changes are planned, there is no problem. However, if they are performed by a bad actor, immediate notification is essential so that necessary actions can be taken as soon as possible. It allows you to make sure that the authorization you granted is not abused.
Tracking of the Accesses to the Database
Access to database servers including critical data is usually made with a single database username. If this is the case, it is not possible to identify who did what. Such accesses should also be monitored and reported in an access tracking system configured accordingly. CYLOG DATASKOPE obtains the information on the machine where the access is performed and helps you determine to whom the related access activity belongs.
Database Administrator (DBA) Control
It helps you control all actions that can be taken by the DBA with regard to user creation, user deletion, or modification of existing privileges.
· Dataskope is designed in accordance with the advanced group and role hierarchy. · Authorizations can be granted on the basis of user, database, and table while you can decide who can view your sensitive data, using the filtering feature by commands. For example, while defining the control role of the SELECT command for user X, you can define DROP and DELETE command privileges for user Y.
Masking of Critical Data
Within the scope of GDPR (General Data Protection Regulation), critical data is automatically masked with Republic Identity Number, credit card information, email address, and REGEX expressions that you can define. On top of that, such events can easily be turned into a warning.
· It is essential to receive reports on all events that have occurred in addition to the checks actively performed on your systems. It enables you to present the relevant evidence as a report to the relevant authorities when necessary in case of a breach of duty. · Dataskope lets you quickly view user activities through predefined report templates. When you want to create a new report as per your needs, you can edit your report within the standard report according to your needs and apply filters to the report. You can save this report and create your own standard audit reports according to your audit needs. · You can share the report templates you create with users who have the necessary authorization within the organization to make their work easier. In addition, with the automatic reporting feature, you can regularly send emails to the authorized users within the date range you will specify.
You can create dashboards that are dynamically updated in accordance with the user's access authorization.
Supported Databases and Operating Systems:
· SQL Server 2008 R2 and higher versions · Oracle 11g ve üstü (ExaData/TeraData including) · ElasticSearch 5 and higher versions · MySQL (2019 Q1) · PostgreSQL (2019 Q1) · Hadoop (2019 Q1) · DB/2 (2019 Q1) · Windows 2008 R2+ · RedHat EL5, EL6, EL7 · Oracle Linux EL6, EL7 · SUSE Enterprise Linux · Solaris 11+