Bring your software development workflows to security
Data exfiltration or data leaks are one of the most harmful categories of attack a business can experience. This plugin prevents data leaks by monitoring unusual volumes of data coming out of a database by application route.
In order to define the traffic baseline, this plugin will learn over several days before starting to alert. On top of that, you can define volume thresholds per application route.
On database requests, this plugin watches SQL queries executed by the database from the application and monitors the size of outbound data per IP or UserID (when Sqreen SDK is installed).
If the amount of data exceeds a triggering volume (threshold) or varies in an unusual way compared to the regular traffic, an attack will trigger.
No traffic redirection is made, the data analysis is performed within the application.