Alternatives to Huawei Database Security Service (DBSS)
Compare Huawei Database Security Service (DBSS) alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Huawei Database Security Service (DBSS) in 2026. Compare features, ratings, user reviews, pricing, and more from Huawei Database Security Service (DBSS) competitors and alternatives in order to make an informed decision for your business.
-
1
Bitdefender Ultimate Small Business Security
Bitdefender
Bitdefender Small Business Security delivers enterprise-grade, layered cyber-protection designed specifically for small organizations. It covers Windows, macOS, iOS, and Android devices with centralized, easy-to-use management, so businesses without a dedicated IT staff can deploy and monitor security from one dashboard. Key features include multi-layered endpoint protection (machine learning, behavioral analytics, real-time monitoring, process termination, and rollback) to prevent known and unknown threats. It offers ransomware prevention and mitigation (detecting abnormal encryption attempts and restoring files from backups), fileless attack protection (memory/back-injection interference, script blocking), phishing & fraud prevention (blocking deceptive sites and warning users), and advanced exploit protection (real-time shield of browsers, Office apps, Adobe Reader) for comprehensive endpoint defense. -
2
ScaleGrid
ScaleGrid
ScaleGrid is a fully managed Database-as-a-Service (DBaaS) platform that helps you automate your time-consuming database administration tasks both in the cloud and on-premises. Easily provision, monitor, backup and scale your open source databases with high availability, advanced security, full superuser and SSH access, query analysis, and troubleshooting support to improve the performance of your deployments. Supported databases include: - MySQL - PostgreSQL - Redis™ - MongoDB® database - Greenplum™ (coming soon) The ScaleGrid platform supports both public and private clouds, including AWS, Azure, Google Cloud Platform (GCP), DigitalOcean, Linode, Oracle Cloud Infrastructure (OCI), VMware and OpenStack. Used by thousands of developers, startups, and enterprise customers including Atlassian, Meteor, and Accenture, ScaleGrid handles all your database operations at any scale so you can focus on your application performance.Starting Price: $8 per month -
3
Oracle Audit Vault and Database Firewall monitors Oracle and non-Oracle database traffic to detect and block threats, as well as improves compliance reporting by consolidating audit data from databases, operating systems, directories, and other sources. It can be deployed on-premises or in the Oracle Cloud. Oracle Audit Vault and Database Firewall (AVDF) is a complete Database Activity Monitoring (DAM) solution that combines native audit data with network-based SQL traffic capture. AVDF includes an enterprise quality audit data warehouse, host-based audit data collection agents, powerful reporting and analysis tools, alert framework, audit dashboard, and a multi-stage Database Firewall. Dozens of out-of-the-box compliance reports provide easy, schedulable, customized reporting for regulations such as GDPR, PCI, GLBA, HIPAA, IRS 1075, SOX, and UK DPA.
-
4
IBM Guardium Vulnerability Assessment scans data infrastructures (databases, data warehouses and big data environments) to detect vulnerabilities and suggest remedial actions. The solution identifies exposures such as missing patches, weak passwords, unauthorized changes and misconfigured privileges. Full reports are provided as well as suggestions to address all vulnerabilities. Guardium Vulnerability Assessment detects behavioral vulnerabilities such as account sharing, excessive administrative logins and unusual after-hours activity. It identifies threats and security gaps in databases that could be exploited by hackers. Discover and classify sensitive data in heterogeneous environments. View detailed reporting on entitlements and risky configurations. Automate compliance audits and exception management.
-
5
Protect your file and database data from misuse and help comply with industry and government regulations with this suite of integrated encryption products. IBM Guardium Data Encryption consists of an integrated suite of products built on a common infrastructure. These highly-scalable solutions provide encryption, tokenization, data masking and key management capabilities to help protect and control access to databases, files and containers across the hybrid multicloud—securing assets residing in cloud, virtual, big data and on-premise environments. Securely encrypting file and database data with such functionalities as tokenization, data masking and key rotation can help organizations address compliance with government and industry regulations, including GDPR, CCPA, PCI DSS and HIPAA. Guardium Data Encryption's capabilities—such as data access audit logging, tokenization, data masking and key management—help meet regulations such as HIPAA, CCPA or GDPR.
-
6
DBHawk
Datasparc
Using DBHawk, our customers were able to comply with GDPR, HIPAA, SOX, GLBA, and other regulations and were able to implement SOD. Self-Service BI & Ad-Hoc Reporting Tool with feature to define Data Access Policy, Connect to multiple Data sources, Build Powerful SQL Charts and data Dashboards. DBHawk SQL editor is an advanced editor that allows users to build, edit, and run database queries with a web-based interface. DBHawk Query Builder is supported with all major databases such as Oracle, Microsoft SQL Server, PostgreSQL, Greenplum, MySQL, DB2, Amazon Redshift, Hive, Amazon Athena. Database SQL tasks and batch job automation with a web-based centralized tool. Secure access to SQL, NoSQL and Cloud databases with our all-in-one data platform. Trusted by our customers to protect and access their data. Centralized Security, Auditing and insights about your user’s activities.Starting Price: $99.00/month/user -
7
DataSunrise Database Security
DataSunrise
Data-Centric high-performance database security software. Regulatory Compliance with SOX, HIPAA, GDPR, PCI DSS and other privacy laws and standards. Hybrid and Multi-Cloud Database Security Proxy on AWS, Azure, Google and On-Prem. Sensitive and PII data auditing, discovery and active protection. Data Auditing enables real-time tracking of user actions and changes made to data and databases to ensure compliance-ready environment, increased visibility. Database Firewall, role based & location aware Data Access Control & Protection. Secure corporate databases in cloud & on-prem against hostile, negligent actions. Secures sensitive data in development and testing environments; Encryption; completely eliminates the possibility to reverse engineer the masked data. Real-time role and location based data masking of production data. Prevents exposure of sensitive privacy data while production data is not changed physically. -
8
Omega DB Security Reporter
DATAPLUS
Omega DB Security Reporter is a security auditing, software-only, and out-of-box solution for Oracle databases. It implements quick reporting, visualization and documentation of the security posture of the Oracle database and addresses the internal and external security compliance requirements. Omega DB Security Reporter provides detailed, integrated, categorized and evaluated assessment of the Oracle Database, enabling the security personnel to dispense with this complex task in a few minutes. Omega DB Security Reporter enables assessment, reporting, visualization and documentation of the security posture of your Oracle database on the following security areas of top importance: Privileges: for system, objects, and roles Audits: on system privileges, user statements, audited system actions, object privileges and operations audits Others: User password profile resources Initialization (security) parametersStarting Price: $899 USD -
9
Omega Core Audit
DATAPLUS
Your Oracle database is usually the company’s most valuable informational assets, containing data on customers, partners, transactions, financial and much more. With the advent of the information age, millions of such records are now owned by even medium and relatively small companies. Database security has become one of the top concerning priorities of the companies that need to comply with more internal and external regulatory compliance practices and standards, that require stronger information security controls. Omega Core Audit is an out-of-box, software-only security and compliance solution that addresses the above compliance issues by providing Access Control, Continuous Audit Monitoring and Real-Time Protection, thus enforcing duty separation, control of privileged accounts and meeting compliance requirements. With built-in support for Splunk SIEM and GrayLog SIEM.Starting Price: $1499 USD -
10
Oracle Data Safe
Oracle
Data Safe is a unified control center for your Oracle Databases which helps you understand the sensitivity of your data, evaluate risks to data, mask sensitive data, implement and monitor security controls, assess user security, monitor user activity, and address data security compliance requirements. Whether you’re using Oracle Autonomous Database. Oracle Database Cloud Service (exadata, virtual machine, or bare metal), or Oracle Databases on-premises in your own data center, Data Safe delivers essential data security capabilities that help you reduce risk and improve security. Assess user risk by highlighting critical users, roles and privileges. Configure audit policies and collect user activity to identify unusual behavior. Discover sensitive data and understand where it is located. Remove risk from non-production data sets by masking sensitive data. -
11
Delinea’s Database Access Controller enables enterprises to adopt modern cloud databases from AWS, Google, Azure, Oracle, Redis, and others while still enforcing appropriate access levels, multi-factor authentication, complete reporting, and auditing workflows. Proxy connections through a centralized portal and restrict direct database access. Protect databases with layered authentication, authorization, and granular role-based access controls. Provides time-based access, auditable logs, and reports to generate alerts and notifications. Gain granular access control to databases, such as Oracle, MySQL, PostgreSQL, MariaDB, MongoDB, Redis, AWS RDS, and Google DB, whether on-premise or in the cloud. See who is accessing databases and govern their database access using capabilities such as multi-factor authentication (MFA) and logging activities for tighter database security. Secure database access to protect your most valuable information.
-
12
SQL Secure
IDERA, an Idera, Inc. company
SQL Secure helps database administrators to manage SQL Server security in physical, virtual, and cloud environments - including managed cloud databases. Unlike its competition, it provides configurable data collection, customizable templates to satisfy audits for multiple regulatory guidelines, extensive security checks and audit rules, automated server registration process, and server group tagging.Starting Price: $1,036 per instance -
13
Web attack recognition is based on AI+ rules. It is anti-bypass and low in both false negative and false positive rates. Web attack recognition defends effectively against common web attacks including the OWASP top 10 web security threats (SQL injection, unauthorized access, cross-site scripting, cross-site request forgery, web shell trojan upload, etc). Users can cache core web contents to the cloud and publish cached web pages, which act as substitutes and can prevent the negative consequences of web page tampering. Backend data is well protected by pre-event server and application concealing, mid-event attack prevention and post-event sensitive data replacement and concealing. WAF performs nationwide DNS verification of the domain names submitted by the customer to detect and display the hijacking conditions of the protected domain names in various regions, helping avoid data theft and financial losses caused by the hijacking of website users.
-
14
Trustwave DbProtect
Trustwave
A highly scalable database security platform that enables organizations to secure their relational databases and big data stores, both on premises and in the cloud, with a distributed architecture and enterprise-level analytics. Databases contain sensitive and proprietary information, making them a prized target for cybercriminals who are constantly looking for ways to access valuable data for large financial payoffs. Trustwave DbProtect helps your business overcome resource limitations to uncover database configuration errors, access control issues, missing patches, and other weaknesses that could lead to data leakage and misuse and other serious repercussions. A real-time view of database assets, vulnerabilities, risk levels, user privileges, anomalies and incidents via a single intuitive dashboard. The ability to detect, alert and take corrective action against suspicious activities, intrusions and policy violations. -
15
iSecurity Field Encryption
Raz-Lee Security
iSecurity Field Encryption protects sensitive data using strong encryption, integrated key management and auditing. Encryption is vital for protecting confidential information and expediting compliance with PCI-DSS, GDPR, HIPAA, SOX, other government regulations and state privacy laws. Ransomware attacks any file it can access including connected devices, mapped network drivers, shared local networks, and cloud storage services that are mapped to the infected computer. Ransomware doesn’t discriminate. It encrypts every data file that it has access to, including the IFS files. Anti-Ransomware quickly detects high volume cyber threats deployed from an external source, isolates the threat, and prevents it from damaging valuable data that is stored on the IBM i while preserving performance. -
16
AppDetectivePRO
Trustwave
A database and big data scanner that identifies configuration mistakes, identification and access control issues, missing patches, and any toxic combination of settings that could lead to bad outcomes like data loss and DDoS attacks. Databases are critical repositories of customer information and intellectual property, making them enticing targets for cybercriminals. Trustwave AppDetectivePRO allows your business to discover, assess and report in minutes on the security, risk or compliance posture of any database or big data store within your environment – on premises or in the cloud. AppDetectivePRO is a database and big data scanner that identifies configuration mistakes, identification and access control issues, missing patches, and any toxic combination of settings that could lead to escalation of privilege attacks, data leakage, denial-of-service (DoS), or the unauthorized modification of data held within data stores. -
17
Krontech Single Connect
Krontech
Establish a flexible, centrally managed and layered defense security architecture against insider threats with the world's leading Privileged Access Management platform. Single Connect™ Privileged Access Management Suite, known as the fastest to deploy and the most secure PAM solution, delivering IT operational security and efficiency to Enterprises and Telco's globally. Single Connect™ enables IT managers and network admins to efficiently secure the access, control configurations and indisputably record all activities in the data center or network infrastructure, in which any breach in privileged accounts access might have material impact on business continuity. Single Connect™ provides tools, capabilities, indisputable log records and audit trails to help organizations comply with regulations including ISO 27001, ISO 31000: 2009, KVKK, PCI DSS, EPDK, SOX, HIPAA, GDPR in highly regulated industries like finance, energy, health and telecommunications. -
18
Oracle Advanced Security
Oracle
Encrypt application tablespaces to prevent out-of-band access to sensitive data using Oracle Advanced Security. Redaction policies prevent the proliferation of sensitive data and aid in compliance with data protection regulations. Transparent Data Encryption (TDE) stops would-be attackers from bypassing the database and reading sensitive information directly from storage by enforcing data-at-rest encryption in the database layer. Encrypt individual data columns, entire tablespaces, database exports, and backups to control access to sensitive data. Data Redaction complements TDE by reducing the risk of unauthorized data exposure in applications, redacting sensitive data before it leaves the database. Partial or full redaction prevents large-scale extraction of sensitive data into reports and spreadsheets. Encryption is implemented at the database kernel level, eliminating the need for any changes to applications. -
19
sqlmap
sqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. Support to directly connect to the database without passing via a SQL injection, by providing DBMS credentials, IP address, port and database name. Automatic recognition of password hash formats and support for cracking them using a dictionary-based attack. Support to dump database tables entirely, a range of entries or specific columns as per user's choice. The user can also choose to dump only a range of characters from each column's entry. -
20
DataGate
ASNA
Simple, secure, and performant database access is the key to creating successful enterprise applications. And that’s just what ASNA DataGate® provides. ASNA DataGate works directly with either the IBM i or MS SQL Server® databases. DateGate provides transparent record-level access to IBM i DB and Microsoft SQL Server databases with superb performance, performant, and security. DataGate decouples database access from the .NET application--this lets an ASNA Visual RPG application connect to either IBM i DB2 or Microsoft SQL Server without making any major changes to the database access logic. This ability to retarget your application to a different database without major effort is especially powerful in RPG-to.NET application migration scenarios. -
21
Assure Security
Precisely
Assure Compliance Monitoring is a bundle of Assure Security features. Together, they can quickly identify security and compliance issues by producing alerts and reports on IBM i system activity, database changes and views of Db2 data. The bundle includes two features which are also available separately. Assure Monitoring and Reporting seamlessly extracts insights from IBM i journal data and delivers alerts and reports on security incidents and compliance deviations. System and database monitoring capabilities are available separately or together. Or, choose to send data directly to your enterprise SIEM solution allowing IBM i security to be monitored with all other enterprise platforms. Assure Db2 Data Monitor is a unique, innovative solution that monitors views of highly confidential Db2 data and optionally blocks records from view. Assure Security delivers market-leading IBM i security capabilities that help your organization successfully comply with cybersecurity regulations. -
22
Lakera
Lakera
Lakera Guard empowers organizations to build GenAI applications without worrying about prompt injections, data loss, harmful content, and other LLM risks. Powered by the world's most advanced AI threat intelligence. Lakera’s threat intelligence database contains tens of millions of attack data points and is growing by 100k+ entries every day. With Lakera guard, your defense continuously strengthens. Lakera guard embeds industry-leading security intelligence at the heart of your LLM applications so that you can build and deploy secure AI systems at scale. We observe tens of millions of attacks to detect and protect you from undesired behavior and data loss caused by prompt injection. Continuously assess, track, report, and responsibly manage your AI systems across the organization to ensure they are secure at all times. -
23
DBArtisan
IDERA
Proactively manage all major DBMSs (SQL Server, Azure SQL Database, Oracle Database, Sybase ASE and IQ, Db2 LUW and z/OS, Redshift, MySQL, PostgreSQL, and Greenplum) from a single common interface. Reduce training requirements and streamline collaboration among different teams across the organization. Manage multiple Oracle-specific schema object types and SQL Server advanced object properties such as temporal tables, in-memory tables, and natively compiled triggers, procedures and functions. Comprehensive tools help you manage space, data and performance to keep your databases optimized and available. Manage the performance of your databases with a built-in process monitor that helps you understand who is connected to your database along with each user's current activity and session-related data. Sophisticated diagnostics help you pinpoint performance inefficiencies that result in poor space management, tracking key database metadata and performance metrics over time. -
24
Simplifies data regulation needs, enhances visibility and streamlines monitoring IBM® Guardium® Data Compliance helps organizations to move through regulatory compliance and audit requirements more quickly and easily, safeguarding regulated data wherever it resides. Available in IBM® Guardium® Data Security Center, IBM Guardium Data Compliance can reduce audit prep time for data compliance regulations, provide continuous visibility of data security controls, and solve data compliance and data activity monitoring challenges.
-
25
Trellix Database Security
Trellix
Trellix Database Security finds and protects sensitive information in databases from accidental leakage and intentional exposure while maintaining security, optimizing performance, and managing access. Discover sensitive and proprietary information in databases across the environment. Improve regulatory compliance by blocking unauthorized access to sensitive data. Address vulnerabilities quickly, with little to no downtime. Monitor, log, and control database access, in addition to identifying and blocking potential threats before they can damage the environment. Perform automated scans to find supported databases and the sensitive data they contain. Identify and prioritize known vulnerabilities, and receive detailed remediation advice. Protect databases from known and unknown vulnerabilities without downtime. Stop intrusions and other exploits before they impact your environment. -
26
BladeLogic Database Automation
BMC Software
BladeLogic Database Automation is a multi-platform database automation solution that enables database administrators to deploy, patch, upgrade and maintain databases in 1/10th the normal provisioning time. Thus, administrators get more time to support the rollouts of new apps. In today’s digital economy, innovative applications depend on fast-performing databases. Skilled database administrators spend a majority of their time ensuring the existing environments are well maintained, compliant, and secure. Security threats seek vulnerabilities at the database level, which put more pressure on IT to keep current on patches and compliance policies. This gives IT little time to optimize database configurations and queries or push out new features for application releases. -
27
Amazon Lookout for Equipment
Amazon
Use data from existing sensors to create machine learning (ML) models specific to your equipment. Respond with speed and precision with automatic equipment monitoring that pinpoints anomalous sensors. Accelerate issue resolution with immediate notifications and automatic actions when anomalies are detected. Improve model performance and accuracy of alerts by incorporating anomaly trends and feedback. Amazon Lookout for Equipment is an ML industrial equipment monitoring service that detects abnormal equipment behavior so you can act and avoid unplanned downtime. Avoid unplanned downtime by automatically detecting abnormal equipment behavior. Lookout for Equipment automatically analyzes sensor data for your industrial equipment to detect abnormal machine behavior. This allows you to detect equipment anomalies with speed and precision, quickly diagnose issues, and act to avoid unplanned downtime, with no ML experience required. -
28
The growing security threats and ever-expanding privacy regulations have made it necessary to limit exposure of sensitive data. Oracle Data Masking and Subsetting helps database customers improve security, accelerate compliance, and reduce IT costs by sanitizing copies of production data for testing, development, and other activities and by easily discarding unnecessary data. Oracle Data Masking and Subsetting enables entire copies or subsets of application data to be extracted from the database, obfuscated, and shared with partners inside and outside of the business. The integrity of the database is preserved assuring the continuity of the applications. Application Data Modeling automatically discovers columns from Oracle Database tables containing sensitive information based on built-in discovery patterns such as national identifiers, credit card numbers, and other personally identifiable information. It also automatically discovers parent-child relationships defined in the database.Starting Price: $230 one-time payment
-
29
BMC Compuware Application Audit
BMC Software
BMC Compuware Application Audit enables security and compliance teams to easily capture start-to-finish mainframe user behavior in real time, including all successful logins, session keyboard commands and menu selections, and specific data viewed without making any changes to mainframe applications. Application Audit enables enterprises to capture all relevant data about user access and behavior on the mainframe to mitigate cybersecurity risks and fulfill compliance mandates. Get deep insight into user behavior including data viewed, by whom, and which applications were used to access it. Deliver the granular intelligence and reporting needed to comply with regulations such as HIPAA, GDPR, the Australian NDB scheme, as well as company security policies. Separate the system administrator’s duties from the responsibilities of auditors with a web UI, so that no single person is in a position to engage in malicious activities without detection. -
30
DragonSoft DVM
DragonSoft Security Associates
The DVM detection project includes security vulnerability detection, vulnerability audit detection, account and setting audit detection, and supports risk assessment and statistics functions. It also has a database scanner to support database vulnerability detection and security risk assessment. D-GCB can detect the information and communication software of government agencies and units to test whether the endpoint device conforms to the TW GCB configuration settings, thereby reducing the risk of internal computer attacks and avoiding information security concerns. Hyper EDR can detect more than 5000 kinds of popular APT malware and hacking tools. This threat-aware mode does not require any Kernel Driver operation and consumes almost no extra CPU resources. -
31
Wapiti
Wapiti
Wapiti is a web application vulnerability scanner. Wapiti allows you to audit the security of your websites or web applications. It performs "black-box" scans (it does not study the source code) of the web application by crawling the webpages of the deployed web app, looking for scripts and forms where it can inject data. Once it gets the list of URLs, forms, and their inputs, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. Search for potentially dangerous files on the server. Wapiti supports both GET and POST HTTP methods for attacks. It also supports multipart forms and can inject payloads in filenames (upload). Warnings are raised when an anomaly is found (for example 500 errors and timeouts). Wapiti is able to make the difference between permanent and reflected XSS vulnerabilities. Generates vulnerability reports in various formats (HTML, XML, JSON, TXT, CSV).Starting Price: Free -
32
DB CyberTech
DB CyberTech
Structured high-value data on databases, such as personal information, are highly concentrated assets in a centralized location. What happens when a hacker gains access to your network and your valuable structured data environment? Many past and recent breaches have shown that hackers had breached the network for months or years before high volume and high-value data are stolen. How can we detect and prevent structured data leak in real-time? Identification and alerting of a potential threat (prevent data loss before it happens). Monitoring any potential insider threat. Complements existing policy-based unstructured data solutions, adding continuous monitoring for structured data. -
33
JackDB
JackDB
Write and execute queries in a fully interactive SQL editor. JackDB has everything you'd want in a database client, including: syntax highlighting, code formatting, and intelligent autocompletion. Snippets allow your most useful SQL queries to be saved and shared. Simply write and save any query in JackDB, and share the snippet publicly with your team. Whenever anyone updates a snippet, everyone gets access to its latest version. Security is our highest priority at JackDB. Roles are a very convenient and secure way to restrict database access to authorized users and provision new users with access to data sources. Explore everything in your database, not just tables and views. View your indexes, schemas, and other important system details such as tablespaces and user sessions.Starting Price: $49 per user per month -
34
iSecurity DB-Gate
Raz-Lee Security
DB-Gate empowers IBM i customers with exciting data access capabilities, based on Open Database Connectivity (ODBC), employing standard IBM i facilities to enable fully database-transparent access to remote systems. Using native SQL on the IBM i, users can now access specific files on DB2 and non-DB2 remote databases without any special hardware appliance or software on the remote database. From interactive STRSQL and from any standard program in RPG, Cobol, C, or other languages, access is now easier and more natural than ever. DB-Gate has been proven to be a full, successful replacement for OAM, the Oracle Access Manager, which has not been supported since IBM i release 7.3. As your enterprise applications expand in database requirements and complexity, so does the need to access multiple databases from your main application server. Current methods of accessing specific files on a remote database from within the IBM i require considerable time and resources. -
35
Randtronics DPM Database Manager
Randtronics
Randtronics DPM Database Manager is designed to protect column level data in database. The software is able to do this without having to make any application level code changes - it is totally transparent to database users and applications. DPM Database Manager are able to protect data on Oracle, Microsoft SQL Server and IBM DB for iSeries databases. The software can mask the data in protected column, or tokenise the data when integrating with DPM Token Manager. Rules are designed to be extremely flexible, and it does not matter what level of access a user or application has - the software will even protect against database admins (DBAs) viewing sensitive data. All rules can be dynamically changed using the console, and applied immediately to the data. Masking of column level data in a transparent manner - no application level code changes needed. Tokenisation of column level data by integrating with DPM Token Manager. -
36
Scuba Database Vulnerability Scanner. Download Scuba, a free tool that uncovers hidden security risks. Scan enterprise databases for vulnerabilities and misconfiguration. Know the risks to your databases. Get recommendations on how to mitigate identified issues. Available for Windows, Mac, Linux (x32), and Linux (x64), Scuba offers over 2,300 assessment tests for Oracle, Microsoft SQL, SAP Sybase, IBM DB2 and MySQL. Scuba is a free tool that scans leading enterprise databases for security vulnerabilities and configuration flaws, including patch levels, that allows you to uncover potential database security risks. It includes more than 2,300 assessment tests for Oracle, Microsoft SQL Server, SAP Sybase, IBM DB2 and MySQL. It’s possible to run a Scuba scan from any Windows, Mac or Linux client. Depending on your database size, users, groups and network connection, an average Scuba scan normally takes 2-3 minutes. No pre-installation or other dependencies are required.
-
37
FuzzDB
FuzzDB
FuzzDB was created to increase the likelihood of finding application security vulnerabilities through dynamic application security testing. It's the first and most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses. FuzzDB contains comprehensive lists of attack payload primitives for fault injection testing. These patterns, categorized by the attack and where appropriate platform type, are known to cause issues like OS command injection, directory listings, directory traversals, source exposure, file upload bypass, authentication bypass, XSS, HTTP header crlf injections, SQL injection, NoSQL injection, and more. For example, FuzzDB catalogs 56 patterns that can potentially be interpreted as a null byte and contains lists of commonly used methods and name-value pairs that trigger debug modes.Starting Price: Free -
38
AWS Fault Injection Service
Amazon
Find performance bottlenecks or other unknown weaknesses missed by traditional software tests. Define specific conditions to stop an experiment or roll back to the pre-experiment state. Run experiments in minutes using pre-built scenarios from the FIS scenario library. Get superior insights by generating real-world failure conditions, such as impaired performance of different resources. Part of AWS Resilience Hub, AWS Fault Injection Service (FIS) is a fully managed service for running fault injection experiments to improve an application’s performance, observability, and resilience. FIS simplifies the process of setting up and running controlled fault injection experiments across a range of AWS services, so teams can build confidence in their application behavior. FIS provides the controls and guardrails that teams need to run experiments in production, such as automatically rolling back or stopping the experiment if specific conditions are met.Starting Price: $0.10 per action-minute -
39
SEAP
XTN Cognitive Security
SEAP® for Mobile is an SDK integrated into the customer’s app and doesn’t require any special permission. SEAP® for Web is JavaScript based, executed in the web browser application environment and does not require the installation of any agent. SEAP® detects malware activity both in mobile and web apps. Some examples of the malware threats monitored include man-in-the-browser and man-in-the-app-attacks, RAT, web injections, overlay attacks, SMS grabbing, memory tampering, and Injection attacks. SEAP® detects and reports technological threats in the device such as jailbreaking and rooting, reverse engineering attempts, binary tampering, repacking. Countermeasures to some of these device conditions can be activated in the app relying on the dedicated RASP APIs. SEAP® detects fraudulent activity taking control of existing user accounts, relying on behavioral biometrics checks and device identity authentication. -
40
Baidu AI Cloud Intrustion Detection System
Baidu AI Cloud
Based on the full-flow image and big data processing technology, the IDS can analyze the flow log authorized by the user, via a bypass. Also, it can identify the web application attack quickly and profoundly mines the remote command execution, web shell backdoor, and sensitive file leakage attacks against the web by hackers, and make the alarm accurately. Furthermore, it saves the original web traffic log and audit report, meeting the audit requirements for cybersecurity classified protection compliance services. Under the user authorization, IDS analyzes the bidirectional HTTP traffic log of user EIP in a real-time manner and quickly identifies various common web attacks, such as SQL injection, XSS cross-site scripting, web shell back door uploading and unauthorized access. -
41
IDLive Face Plus
ID R&D
IDLive Face Plus complements IDLive Face presentation attack detection with injection attack detection, providing comprehensive protection from deepfakes and other types of fraudulent digital imagery. Detect injection attacks that use virtual and external cameras. Prevent browser JavaScript code modifications on both desktops and mobile devices. Prevent man-in-the-middle replay attacks. Protect from emulators, cloning apps, and other software used for fraud. Improve presentation attack detection performance. Facial recognition security relies on presentation attack detection (PAD) to ensure that a biometric selfie is not actually a fraudster presenting a non-live facial image to the camera, such as a printed copy, screen replay, or 3D mask. IDLive Face Plus combines award-winning presentation attack detection with a unique approach to injection attack detection to prevent deepfakes and other fraudulent digital content. -
42
SpecFlow
SpecFlow
SpecFlow makes test automation easier by turning it into a team effort and allowing every role to better use their skills. Don’t waste your time searching for the correct definition across your binding classes, just right-click and jump to the relevant code. Hooks (event bindings) can be used to perform additional automation logic at specific times, such as any setup required prior to executing a scenario. SpecFlow supports a dependency injection framework that is able to instantiate and inject context for scenarios. This allows you to group the shared state in context classes, and inject them into every binding class that needs access to that shared state.Starting Price: Free -
43
Avocado
Avocado
Eliminate lateral movement and data exfiltration with Avocado's agentless, app-native security and visibility. App-native, agentless security powered by runtime policies & pico-segmentation. Designed for simplicity and security at scale. Contain threats at the smallest definable threat surface by creating microscopic perimeters around application subprocesses. Inject runtime controls natively into application subprocesses, enabling self-learning threat detection and automated remediation, no matter the language or architecture. Automatically protect your data against east-west attacks with no manual intervention and near-zero false positives. An agent-based signature, memory, and behavioral detection solutions are not capable of dealing with vast attacks surfaces and laterally moving persistent threats. Without a foundational change in attack detection, zero-day and misconfiguration-related attacks will continue unabated. -
44
Cerber Security
Cerber Tech
Cerber Security vigorously defends WordPress against hacker attacks, spam, and malware. Blazingly fast and reliable by design. A set of specialized request inspection algorithms screen incoming requests for malicious code patterns and traffic anomalies. Bot detection engine identifies and mitigates automated attacks. Mitigates brute force and code injection attacks. Restricts access with GEO country rules. Prevents both REST API and ordinary user enumerations. Restricts access to REST API and XML-RPC. Uses a global list of IP addresses known for malicious activity. Detects bots by using heuristic and content-based algorithms. Checks IP against a real-time database of IP addresses known for disseminating spam, phishing attacks and other forms of malicious activity. Thoroughly scans every file and folder on your website for malware, trojans, and viruses. Automatically removes malware and viruses. Monitors new, changed, and suspicious files. -
45
AccuKnox
AccuKnox
AccuKnox provides a zero trust Cloud Native Application Security (CNAPP) platform. AccuKnox is built in partnership with SRI (Stanford Research Institute) and is anchored on seminal inventions in the areas of container security, anomaly detection, and data provenance. AccuKnox can be deployed in public and private cloud environments. AccuKnox runtime Security helps you discover the application Behavior of the workloads running in a public cloud, private cloud, or on-prem in VM/BareMetal or local Kubernetes orchestrated cluster or unorchestrated pure-containerized cluster. If any ransomware attacker tries to compromise the security of the pod and gets access to the vault pod, they can do a command injection and encrypt the secrets stored in the volume mount points. Then the organizations have to pay millions of dollars to get back their secrets decrypted.Starting Price: $999 per month -
46
iSecurity Safe-Update
Raz-Lee Security
iSecurity Safe-Update protects IBM i business critical data against updates by unauthorized programs. Such programs are those who come from a library which is not used to store production programs, file editors, DFU and Start SQL (STRSQL). It ensures that updates are made by pre-confirmed programs or by programs that are not known as file editors. Government and industry regulations, including Sarbanes-Oxley (SOX), GDPR, PCI, and HIPAA, stipulate measures that companies must take to ensure proper data security and monitoring. They require that only specifically permitted programs can make updates to business-critical data in production environments. Safe-Update guards against unauthorized updates by dangerous programs – programs were not designed for the organization’s business rules and do not comply with them. If an unauthorized update is attempted, a window appears requesting the entry of a ticket. -
47
PHP Secure
PHP Secure
PHP Secure is a FREE code scanner that analyzes your PHP code for critical security vulnerabilities. Free online scanner: - Quickly and qualitatively finds web app vulnerabilities - Gives explicit reports and recommendations to fix vulnerabilities - Easy to use and requires no specialized knowledge - Reduces risk, saves budget, and boosts productivity PHP Secure Scanner is suitable for analyzing sites on Php, framework Laravel, and CMS Wordpress, Drupal and Joomla. PHP Secure detects the most common and dangerous types: -SQL injection vulnerabilities -Command Injection -Cross-Site Scripting (XSS) Vulnerabilities -PHP Serialize Injections -Remote Code Executions -Double Escaping -Directory Traversal -Regular Expression Denial of Service (ReDos) -
48
MyDiamo
Penta Security Systems Inc.
Developed by Penta Security Systems, an APAC leader in encryption technology and web application firewall, MyDiamo is a free open-source database encryption solution, available to all for non-commercial use. The commercial license is available for enterprises and organizations that desire extended features. -
49
dbForge Event Profiler for SQL Server is a free tool for capturing and analyzing SQL Server events. It provides detailed information for database administrators to easily detect, troubleshoot, and resolve server issues and gain comprehensive insights into overall SQL Server performance and health. Key Features: - View sessions running on servers and the queries they are executing - Find out a front-end application or a toot with the heaviest activity - Examine a statement, a batch or a procedure with poor performance - Detect the queries that impact server productivity the most - Monitor, trace, and investigate user activity for audit purposes - Track users' impact on SQL Server resource utilization - Identify the users responsible for particular activities on the serverStarting Price: $0
-
50
Nazar
Nazar
Nazar was created from our own needs to manage multiple databases in multi-cloud or hybrid environments. It is production ready for the main database engines and completely eliminates the need for using multiple tools. It saves one a lot of time by making a standard and easy way to setup new servers in the platform. Get a normalized view of your database's behavior on a single dashboard without having to use multiple tools with completely different views and metrics from one another. Setting up, tracing and investigating logs and querying data dictionaries every time is not where the race is won. Nazar uses the resources already available in the DBMS for monitoring and does not need to rely on agents. NAZAR automates anomaly detection and root-cause analysis, reducing mean time to resolution (MTTR) and detecting issues to avoid incidents for peak application and business performance.
