In this video, we will demonstrate how Anjuna Seaglass can protect your database from memory scraping attacks that can expose sensitive data processed in queries.
Exploring Vulnerabilities in Multi-Tier App Design
Imagine a typical multi-tier app architecture with several components, including a browser and a database. For the sake of simplicity, we will only focus on these two components.
Let’s start by simulating an end-user registration process where sensitive data is provided. As users, we can see the padlock icon and https in the browser, which leads us to believe that our data is secure when we click submit. What happens if an attacker breaches the database? Even when data is encrypted at rest and in transit, that same data is always visible when used by the database.
How Attackers Access PII Data
Now, let’s play the role of an attacker who has gained root access to the database and wants to exploit this vulnerability. As the attacker, we can scrape clear text data from the server’s memory by running a few simple commands. First, we will get the process ID of the database, and then we’ll run Gcore to dump the memory content and save it to a file.
Next, we’ll run Strings to extract text from the binary file and run Grip to search for interesting data. As you can see here, accessing personally identifiable information stored on the server’s memory is quite effortless. This is because every time the database inserts, modifies, or deletes data, it’s stored in clear text in the memory, leaving it vulnerable to exploitation.
Creating a Secure Enclave With Anjuna
Now, let’s see how Anjuna can protect the database. Administrators can invoke the Anjuna Confidential Runtime, which leverages new hardware capabilities in the Cloud to protect data in use. Anjuna creates a secure enclave for this database to operate within, providing unparalleled protection against cyber threats. As you can see in the terminal, Anjuna secures your database with one simple command. And the best part is that you don’t have to re-engineer your database to get this protection.
Protect Data From Exposure
Now, we’re back in the role of the attacker. With Anjuna deployed, even though we still have the same level of access and we’re running the same commands, we can no longer access the PII data in memory. Anjuna Seaglass provides immediate protection against the risk of sensitive data exposure during the normal course of database operations.