Breach detection can prove harder than prevention

26.01.2007

For now, at least, there are few out-of-the-box products that can help companies do end-to-end log collection and real-time data correlation and analysis, said Amer Deeba, vice president of marketing at Qualys Inc., a vulnerability management services provider in Redwood Shores, Calif. And the cost to custom-build such capabilities can be prohibitive, added Deeba.

But there are some tools that IT managers can use to address parts of the challenge, Deeba noted. For instance, several logging and monitoring tools are available for quickly detecting unauthorized database activity.

USEC Inc., a US$1.6 billion energy company in Bethesda, Md., uses an appliance from Guardium Inc. to monitor the activities of the database administrators who manage the Oracle and SQL Server databases underlying its financial applications. The Guardium device can detect unauthorized changes and other policy violations that could affect the integrity of USEC's financial data in real time, said CIO David Vordick.

The technology also enables USEC to monitor compliance with its Sarbanes-Oxley financial reporting obligations and provides the company with a real-time security-alerting capability, Vordick said.

Accor North America, a Carrollton, Texas-based company that operates hotel chains such as Red Roof Inns and Sofitel, is using a similar monitoring technology from Imperva Inc. to monitor for unusual database activity as it occurs. Such tools can allow companies to move from a "passive security" model to a more aggressive one, said Jaimin Shah, a senior security engineer at Accor.
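The monitoring the two companies describe, privileged-user activity against the tables behind the financial applications checked against policy as each statement is seen, can be sketched in a few dozen lines. The following is an added illustration written for this page, not Guardium's or Imperva's code and not anything USEC or Accor runs. It assumes a normalised audit record layout (timestamp, database user, OS user, client host, SQL text, pipe-separated), an assumed list of DBA accounts, two assumed financial schemas (GL and AP), an assumed approved change window (Sundays 02:00 to 04:00) and a constructed baseline of which DBA accounts normally connect from which hosts. The sample records are constructed. It raises an alert when a DBA account modifies financial data (a separation-of-duties violation that would undermine the integrity of the records), when a schema change lands on a financial table outside the change window, and when a DBA account shows up from a host the baseline has never seen, which is the "unusual activity" angle rather than a fixed policy.

```python
"""Toy database activity monitor (added example, not any vendor's product code).

Replays audit records in order and emits alerts for policy violations and
anomalies. Every account, schema, host, window and record below is an assumption
or a constructed sample.
"""
from dataclasses import dataclass
from datetime import datetime, time
from typing import List, Optional, Tuple
import re

DBA_ACCOUNTS = {"SYS", "SYSTEM", "DBA_JSMITH"}      # assumed privileged accounts
FINANCIAL_SCHEMAS = {"GL", "AP"}                     # assumed schemas behind the financial apps
CHANGE_WINDOW_WEEKDAY = 6                            # assumed: Sunday ...
CHANGE_WINDOW = (time(2, 0), time(4, 0))             # ... 02:00-04:00 is the approved DDL window

DML_VERBS = {"INSERT", "UPDATE", "DELETE", "MERGE", "TRUNCATE"}
DDL_VERBS = {"ALTER", "CREATE", "DROP", "GRANT", "REVOKE"}

# Assumed normalised record layout: timestamp|db_user|os_user|client_host|sql_text
RECORD_RE = re.compile(
    r"^(?P<ts>[^|]+)\|(?P<db_user>[^|]+)\|(?P<os_user>[^|]+)\|(?P<host>[^|]+)\|(?P<sql>.*)$"
)
# Statement verb plus the first schema-qualified object the statement names.
OBJECT_RE = re.compile(
    r"\b(?P<verb>SELECT|INSERT|UPDATE|DELETE|MERGE|TRUNCATE|ALTER|CREATE|DROP|GRANT|REVOKE)\b"
    r".*?\b(?P<schema>[A-Z_][A-Z0-9_]*)\.(?P<table>[A-Z_][A-Z0-9_]*)\b",
    re.IGNORECASE | re.DOTALL,
)


@dataclass
class Event:
    ts: datetime
    db_user: str
    os_user: str
    host: str
    sql: str
    verb: Optional[str]
    schema: Optional[str]
    table: Optional[str]


def parse_record(line: str) -> Event:
    """Turn one pipe-separated audit record into an Event; raises on malformed input."""
    m = RECORD_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable audit record: {line!r}")
    obj = OBJECT_RE.search(m["sql"])
    return Event(
        ts=datetime.fromisoformat(m["ts"]),
        db_user=m["db_user"].upper(),
        os_user=m["os_user"],
        host=m["host"],
        sql=m["sql"],
        verb=obj["verb"].upper() if obj else None,
        schema=obj["schema"].upper() if obj else None,
        table=obj["table"].upper() if obj else None,
    )


def in_change_window(ts: datetime) -> bool:
    """True when ts falls inside the assumed approved window for schema changes."""
    return ts.weekday() == CHANGE_WINDOW_WEEKDAY and CHANGE_WINDOW[0] <= ts.time() < CHANGE_WINDOW[1]


Alert = Tuple[str, str, str]  # (rule name, database user, detail)


def evaluate(ev: Event, baseline: set) -> List[Alert]:
    """Apply the three rules to a single event and return any alerts, in rule order."""
    alerts: List[Alert] = []
    touches_financial = ev.schema in FINANCIAL_SCHEMAS
    # Rule 1: DBAs administer the database; they must not change financial data.
    if ev.db_user in DBA_ACCOUNTS and ev.verb in DML_VERBS and touches_financial:
        alerts.append(("dba_dml_on_financial", ev.db_user, f"{ev.verb} on {ev.schema}.{ev.table}"))
    # Rule 2: schema changes to financial tables only inside the approved window.
    if ev.verb in DDL_VERBS and touches_financial and not in_change_window(ev.ts):
        alerts.append(("ddl_outside_window", ev.db_user, f"{ev.verb} on {ev.schema}.{ev.table} at {ev.ts.isoformat()}"))
    # Rule 3: anomaly, not policy: a DBA account from a host the baseline never saw.
    if ev.db_user in DBA_ACCOUNTS and (ev.db_user, ev.host) not in baseline:
        alerts.append(("unknown_dba_host", ev.db_user, f"connected from {ev.host}"))
    return alerts


def run_monitor(lines, baseline) -> List[Alert]:
    """Replay records in arrival order, as a tap on the database traffic would see them."""
    alerts: List[Alert] = []
    for line in lines:
        if line.strip():
            alerts.extend(evaluate(parse_record(line), baseline))
    return alerts


# Constructed baseline of (DBA account, client host) pairs, as if learned during a quiet period.
BASELINE = {("SYS", "dbadmin01.corp"), ("SYSTEM", "dbadmin01.corp"), ("DBA_JSMITH", "dbadmin01.corp")}

# Constructed audit records; hosts, users and statements are invented for the example.
SAMPLE_LOG = """
2007-01-22T14:05:13|SYSTEM|oracle|dbadmin01.corp|SELECT COUNT(*) FROM GL.JOURNAL_ENTRIES
2007-01-22T14:07:41|DBA_JSMITH|jsmith|dbadmin01.corp|UPDATE GL.JOURNAL_ENTRIES SET AMOUNT = 125000 WHERE ENTRY_ID = 88213
2007-01-22T23:58:02|DBA_JSMITH|jsmith|laptop-7713.vpn|ALTER TABLE AP.INVOICES DROP COLUMN APPROVED_BY
2007-01-28T02:30:00|SYSTEM|oracle|dbadmin01.corp|ALTER TABLE GL.JOURNAL_ENTRIES ADD (POSTED_BY VARCHAR2(30))
2007-01-22T14:10:00|FIN_APP|appsrv|finapp01.corp|INSERT INTO GL.JOURNAL_ENTRIES (ENTRY_ID, AMOUNT) VALUES (90001, 42.10)
"""

if __name__ == "__main__":
    for rule, user, detail in run_monitor(SAMPLE_LOG.splitlines(), BASELINE):
        print(f"ALERT {rule}: {user} {detail}")
```

On the constructed records the monitor stays quiet for the DBA's read-only query, for the application account's own insert and for the Sunday-morning schema change inside the window, and raises three alerts: the DBA's UPDATE of a journal entry, the late-night ALTER of an invoice table, and the same DBA account appearing from a VPN laptop the baseline has never seen. A real appliance adds wire capture, statement normalisation and much richer policy, but the decision it makes per statement is the one shown here.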