CYPHYX is a dynamic company with cutting-edge products that will solve problems or needs.
When Databases Attack, SQrazorLoc Defends !!
As the article explains, MySQL has a weakness and it can lead to nefarious actors pilfering the files from client machines. These can be simple clients that connect to a database as well as application servers that connect like a client to the database. In either case it is a security vulnerability.
Best practices would of course recommend that you know the database to which you connect to ensure that illicit actors cannot sneak in through this vulnerability. However, even knowing the database you connect to may not be enough when things can be rerouted, databases can be spoofed, and connections can be changed. Even with the best of precautions, nefarious actors can still manage to attack using such a vulnerability as described in this article.
This is where SQrazorLoc can help to prevent or eliminate such attack vectors as described here. With built-in application level authentication and access tracking, SQrazorLoc ensures that your application only connects to known databases and provides reporting data that shows what applications are connecting to which databases.
This protects against the very type of attack described in the article by forcing authentication of the database connection, encrypting the data contained in the database, and then tracking what applications connect to the database. So unless you want to connect to databases that you cannot verify the owner of and have no way of knowing who is providing the data, SQrazorLoc solves the problem and eliminates the attack vector.
For really secure communications, you then need to share a new key each time you want to communicate information that is supposed to be secret. The use of a new key each time is considered to be equivalent to using what cryptographers call a one-time pad. A one-time pad harkens back to the days when an actual encryption key was distributed on paper and a unique sheet of paper was used each time. Because each key is used only once, cracking such encryption is difficult.Wayne Rash, eWeek article, "Why Quantum-Resistant Encryption Needs Quantum Key Distribution for Real Security"