Review Article Open Access December 26, 2020

Automated Vulnerability Detection and Remediation Framework for Enterprise Databases

Independent Researcher, USA
Page(s): 1-12
Received: October 17, 2020
Revised: November 30, 2020
Accepted: December 24, 2020
Published: December 26, 2020
Creative Commons

This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited.
Copyright: © The Author(s), 2020. Published by Scientific Publications

Cite This Article

APA Style
Varri, D. B. S. (2020). Automated Vulnerability Detection and Remediation Framework for Enterprise Databases. Current Research in Public Health, 1(1), 1-12. https://doi.org/10.31586/ojes.2020.1354
ACS Style
Varri, D. B. S. Automated Vulnerability Detection and Remediation Framework for Enterprise Databases. Current Research in Public Health 2020 1(1), 1-12. https://doi.org/10.31586/ojes.2020.1354
Chicago/Turabian Style
Varri, Durga Bramarambika Sailaja. 2020. "Automated Vulnerability Detection and Remediation Framework for Enterprise Databases". Current Research in Public Health 1, no. 1: 1-12. https://doi.org/10.31586/ojes.2020.1354
AMA Style
Varri DBS. Automated Vulnerability Detection and Remediation Framework for Enterprise Databases. Current Research in Public Health. 2020; 1(1):1-12. https://doi.org/10.31586/ojes.2020.1354
@Article{crph1354,
AUTHOR = {Varri, Durga Bramarambika Sailaja},
TITLE = {Automated Vulnerability Detection and Remediation Framework for Enterprise Databases},
JOURNAL = {Current Research in Public Health},
VOLUME = {1},
YEAR = {2020},
NUMBER = {1},
PAGES = {1-12},
URL = {https://www.scipublications.com/journal/index.php/OJES/article/view/1354},
ISSN = {2831-5162},
DOI = {10.31586/ojes.2020.1354},
ABSTRACT = {Enterprise databases are the heart of applications and contain the most sensitive and critical information of organizations. While there have been significant advances in the security of databases, vulnerabilities still exist due to mistakes made by application developers, database administrators, and users. Manual detection and patching of such vulnerabilities typically take months, but an automated detection and remediation framework is proposed to fill the gap and eliminate a significant number of these vulnerabilities in near-real time. This framework comprises two key components: a detection engine that leverages static analysis to identify potential patches, coupled with query dynamic testing and fuzzing to identify exploitable misconfigurations; and an orchestration engine that applies detected patches on the database, validates the accuracy of the fix, and rolls back changes if the problem is not resolved. A prototype of this framework has been implemented and validated on a real-time database deployed in an enterprise environment. Because of the complexity of the problem landscape, the research focus is on static vulnerability detection and automated corrective actions. These two capabilities can greatly reduce the manual workload associated with vulnerability detection and significantly enhance the assurance that the granted privileges validate the least privilege principle. The proposed architecture aims to enable the deployment of a detection-and-remediation solution that minimizes human effort, reduces the enterprise-at-risk window, and maximizes the volume of detected vulnerabilities.},
}
%0 Journal Article
%A Varri, Durga Bramarambika Sailaja
%D 2020
%J Current Research in Public Health
%@ 2831-5162
%V 1
%N 1
%P 1-12
%T Automated Vulnerability Detection and Remediation Framework for Enterprise Databases
%M doi:10.31586/ojes.2020.1354
%U https://www.scipublications.com/journal/index.php/OJES/article/view/1354
TY  - JOUR
AU  - Varri, Durga Bramarambika Sailaja
TI  - Automated Vulnerability Detection and Remediation Framework for Enterprise Databases
T2  - Current Research in Public Health
PY  - 2020
VL  - 1
IS  - 1
SN  - 2831-5162
SP  - 1
EP  - 12
UR  - https://www.scipublications.com/journal/index.php/OJES/article/view/1354
AB  - Enterprise databases are the heart of applications and contain the most sensitive and critical information of organizations. While there have been significant advances in the security of databases, vulnerabilities still exist due to mistakes made by application developers, database administrators, and users. Manual detection and patching of such vulnerabilities typically take months, but an automated detection and remediation framework is proposed to fill the gap and eliminate a significant number of these vulnerabilities in near-real time. This framework comprises two key components: a detection engine that leverages static analysis to identify potential patches, coupled with query dynamic testing and fuzzing to identify exploitable misconfigurations; and an orchestration engine that applies detected patches on the database, validates the accuracy of the fix, and rolls back changes if the problem is not resolved. A prototype of this framework has been implemented and validated on a real-time database deployed in an enterprise environment. Because of the complexity of the problem landscape, the research focus is on static vulnerability detection and automated corrective actions. These two capabilities can greatly reduce the manual workload associated with vulnerability detection and significantly enhance the assurance that the granted privileges validate the least privilege principle. The proposed architecture aims to enable the deployment of a detection-and-remediation solution that minimizes human effort, reduces the enterprise-at-risk window, and maximizes the volume of detected vulnerabilities.
DO  - 10.31586/ojes.2020.1354
ER  -