When Databases Attack, SQrazorLoc Defends !!

As the article explains, MySQL has a weakness and it can lead to nefarious actors pilfering the files from client machines.  These can be simple clients that connect to a database as well as application servers that connect like a client to the database.  In either case it is a security vulnerability.

Best practices would of course recommend that you know the database to which you connect to ensure that illicit actors cannot sneak in through this vulnerability.  However, even knowing the database you connect to may not be enough when things can be rerouted, databases can be spoofed, and connections can be changed.  Even with the best of precautions, nefarious actors can still manage to attack using such a vulnerability as described in this article.

This is where SQrazorLoc can help to prevent or eliminate such attack vectors as described here.  With built-in application level authentication and access tracking, SQrazorLoc ensures that your application only connects to known databases and provides reporting data that shows what applications are connecting to which databases.

This protects against the very type of attack described in the article by forcing authentication of the database connection, encrypting the data contained in the database, and then tracking what applications connect to the database.  So unless you want to connect to databases that you cannot verify the owner of and have no way of knowing who is providing the data, SQrazorLoc solves the problem and eliminates the attack vector.

MySQL Design Flaw Allows Malicious Servers to Steal Files from Clients