DEV Community

Cover image for Acra. Features: Security events automation
Cossack Labs
Cossack Labs

Posted on

Acra. Features: Security events automation

We designed Acra to be a single tool that solves your data security vital needs. Also, we kept in mind that security requires not only monitoring and alerting, but also reaction on possible incidents. With Acra your security job can be easier.😊

Use Acra Community Edition for free. Check out Acra Enterprise Edition tailored for solutions with high security requirements.

9️⃣ Security events automation

Being a gateway for data protection, Acra provides multiple ways to automate security reactions and decrease MTTD & MTTR. Observe, monitor and automate one product instead of multiple.

❇️ Acra’s security log is specifically pre-configured to be helpful to SIEM/SOC operators to build analytics and automation around security events.

❇️ Acra’s cryptographically signed audit log is designed to be verifiable: no one can simply change, add or remove log messages without notice. Automate log verification procedure and alert SOC engineers in case logs couldn’t be verified.

❇️ Poison records raise security alarms once they go through Acra. Generate poison records via Acra and put them into the database to the columns/tables/fields that authenticated apps shouldn’t read. If a malicious app or SQL injection reads these records, Acra catches them and triggers a reaction. Configure reactions—error response, fake data response or even shutdown of the whole Acra cluster.

❇️ Configure Acra Censor—SQL firewall—to deny SQL queries reading specific tables/columns or based on flexible rules. Setup monitoring on Acra Censor’s events to alert your engineers right away of someone knocking at your door.

🔥 As you see, Acra features cover different risks and threats while supporting each other in their mission. This multi-layered design allows you to turn your databases into real strongholds. See what other features work for your peace of mind in Acra.

Top comments (0)