Databases are usually implemented for maintaining large amounts of the data, including sensitive and/or secret data. Accordingly, the databases may be the target of inside as well as outside attacks.
Network perimeter defense systems, e.g., firewall systems, and/or network Intrusion Detection Systems (IDSs) may be implemented to actively prevent intrusions to a network, for example, by blocking malicious traffic before it is allowed past a perimeter of the network.
However, although the network perimeter defense systems may be efficiently implemented for defending the network from outside attacks, such network perimeter systems may not be adapted to defend the databases against, for example, employees having valid accounts and passwords, Trojan horses, malicious data manipulation, accidental data manipulation, and/or any other attacks as known to one of ordinary skill in the art.
US Patent Application Publication 2005/0203921 to Newman et al. published Sep. 15, 2005 (“the '921 publication”) describes a security solution designed to monitor and detect malicious activity against a database. The '921 publication describes an agent, which is installed on a database application for which it is to monitor and protect. The '921 publication describes the agent analyzes received events and detects/prevents any malicious activity. All malicious activity is recorded, processed and forwarded to a console.