DEV Community

Cover image for Acra. Features: Database request firewall
Cossack Labs
Cossack Labs

Posted on

2 2

Acra. Features: Database request firewall

Like in real life, the more coping strategies people have, the bigger opportunities and less friction on their way to the goals they have. So we equipped Acra database security suite with proactive measures against suspicious and malicious database queries.

Use Acra Community Edition for free. Check out Acra Enterprise Edition tailored for solutions with high security requirements.

6️⃣ AcraCensor—Acra Database Firewall

Acra Database Firewall (aka AcraCensor) is an SQL firewall module for Acra that checks every incoming SQL request. AcraCensor logs SQL requests directed to the database, allows and denies those requests according to the rule list you’ve configured.

💡 AcraCensor can be configured for your exact use case, allowing you to set up an allowlist and a denylist for particular tables, columns within a table, regex query patterns, or exact queries.

Database Firewall. Acra by Cossack Labs

Depending on your security goals, AcraCensor can react in different ways: reject the query with error, provide forged data in response, or even shut down the whole Acra cluster.

AcraCensor's goal is to protect the database from SQL injections and suspicious SQL queries. It is compatible with SIEM systems, providing logs that can be used for alerts' configuration and anomaly detection.

AcraCensor is a SQL firewall, which works on a different level than web application firewall (WAF), but they can work together. Read more about the difference between SQL firewalls and WAFs in our blog.

🔥 Defense-in-depth requires multi-vector attention efforts. And when in a big game you open new ways, we provide our security multi-tools to cover you from threats.

Do your career a big favor. Join DEV. (The website you're on right now)

It takes one minute, it's free, and is worth it for your career.

Get started

Community matters

Top comments (0)

👋 Kindness is contagious

Immerse yourself in a wealth of knowledge with this piece, supported by the inclusive DEV Community—every developer, no matter where they are in their journey, is invited to contribute to our collective wisdom.

A simple “thank you” goes a long way—express your gratitude below in the comments!

Gathering insights enriches our journey on DEV and fortifies our community ties. Did you find this article valuable? Taking a moment to thank the author can have a significant impact.

Okay