Trustwave® today announced its database security solutions, which help businesses protect their databases on premise and in the cloud, have achieved Common Criteria Validation with an EAL 2+ level of assurance.
The internationally-approved validation provides independent verification of the security attributes of Trustwave DbProtect and Trustwave AppDetectivePRO, giving government agencies and enterprises across at least 26 countries confirmation that the software meets the strict, international ISO/IEC 15408 security standard.
"Our most sophisticated government and enterprise customers require the assurance of the Common Criteria certification for products used to protect their databases," said John Amaral, senior vice president of product management at Trustwave. "For years Trustwave has helped businesses protect their databases by continuously identifying and remediating security weaknesses and providing continuous monitoring to flag and block any suspicious activity that may lead to a breach."
Trustwave DbProtect is a security platform designed for continuous monitoring and management of enterprise databases within the data center. The software enables enterprises to discover new or rogue installations, develop security policies, perform safe penetration tests, audit for policy violations and deliver comprehensive reports on the security of their databases. It also composes a detailed picture of database user accounts, data ownership, access controls and rights to sensitive information to then restrict user privileges to the minimum necessary, and alerts on unusual or suspicious behavior to help correlate with other network events.
Trustwave AppDetectivePRO is a database and big data scanner that can immediately uncover configuration mistakes, identification and access control issues, missing patches or any toxic combination of settings that could lead to escalation-of-privilege or denial-of-service attacks, data leakage or unauthorized modification of data. The software is used by government agencies, large enterprises, small and medium-sized businesses and security consultants to complete tasks such as compliance assessments and risk evaluations.
Trustwave DBProtect and Trustwave AppDetectivePRO are supported by the company's SpiderLabs® team, which consists of one of the leading database vulnerability research teams in the industry.
Several other Trustwave technologies have received Common Criteria validation including Trustwave Secure Web Gateway, Trustwave Security Information and Event Management (SIEM), Trustwave Web Application Firewall and Trustwave Network Access Control.
Trustwave (trustwave.com) helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries.