Shouldn't data security actually secure the data?

Author: Team Applicationsecurityinc | Date: 24 July 2008 | Tags: Data Management, Information Life Cycle, Information management, Logging/Tracking, Physical Security, Promoting Security, User Security, Web security

There have been a bunch of posts and gobs of marketing blurring the lines of distinction between data security products like database activity monitoring solutions and network security products like web application firewalls.

Even within data security - say across DLP, DAM, and database scanning - it can get murky.  Some of this is certainly the result of vendors casting about for traction in the market.  Nothing like some data security lipstick to gussy up that network security pig.

To be fair, at some point many of today's discrete data security solutions (like DLP and DAM) will consolidate into unified solutions in much the same way firewalls, anti-spam, anti-virus, etc. have combined to create UTM solutions.

But that will take years to occur, and in light of all of the data breaches, most large enterprises can't wait until then.

So what should you do and how will these markets evolve? Recently, Adrian Lane at Securosis had a great post shedding some much-needed light on this topic.

I agree that customers looking for quick time to value are far more likely to reap benefits from creating synergy across processes that relate to the same IT assets (for example, across discovery, assessment, and monitoring as they relate to databases) than they are for similar processes across different IT assets (for example, monitoring across web applications, databases, and packaged apps).

Mainly this is true because a more coherent group of people is involved and it's easier to set policy.

For example, you might decide to monitor all access to the credit card column and to scan critical databases to ensure that default IDs/PWs for privileged accounts have been changed. 
