Every enterprise security team invests heavily in layers: a SIEM for log analysis, DLP to stop exfiltration at the network edge, a firewall to control what enters and leaves the perimeter, identity and access management to control who can connect. These are all well-designed, mature tools. I am not here to replace any of them.

But they share a blind spot. Every single one of them operates outside the database, and every single one of them acts after the query has already completed. By the time your SIEM processes the log, the data has already been read. By the time your DLP catches the exfiltration, the query has already returned its results to the attacker.

This is not a flaw in those products. It is simply the nature of where they sit in the stack. The gap has always existed. For most organizations, it has just never been addressed — because until recently, there was no practical way to close it.

The Live Query Window

Picture the moment a malicious query is executing inside your database. It might be an insider threat running a bulk SELECT on your customer table. It might be an attacker who has compromised a service account running a slow, systematic extraction disguised as normal application traffic. It might be a sleep-injection attack designed to exhaust your connection pool. In all of these cases, the threat is alive right now — and your security stack is watching from outside the room.

⚠ The gap in plain terms

A query that takes 30 seconds to complete has a 30-second window during which it can be detected and killed before returning a single row. Traditional tools see the log entry after those 30 seconds. DBSheriffAI acts during them.

The live query window is the interval between when a query begins executing and when it completes. It could be milliseconds for a normal lookup, or minutes for a bulk extraction. During that entire window, a real-time AI system — one that sits inside your own private network and reads directly from the database's own monitoring views — can observe, score, and act.

What DBSheriffAI Does

DBSheriffAI is a real-time AI database threat detection and query termination system. It connects to your databases using the same read-only monitoring interfaces your DBAs already use — no agents, no schema changes, no new network appliances. It streams every active query through a three-tier decision engine and terminates confirmed threats before a single result row ever leaves your database.

It works on all six major database engines: PostgreSQL, SQL Server, MySQL and Aurora, Oracle, MongoDB, and Snowflake. It deploys on AWS, GCP, Azure, or fully on-premises — including completely air-gapped environments. And critically: it runs 100% inside your own private network. No query text, no user identity, no schema name, and no event record ever leaves your security perimeter.

The Three-Tier Decision Engine

Not every query that looks suspicious deserves to be killed. DBSheriffAI uses a layered decision model that keeps false positives low and response time near zero.

Tier 1 — Trusted User Bypass
Known-safe users pass through instantly

Designated trusted users — your DBAs, monitoring accounts, known application service accounts — are whitelisted and bypass scoring entirely. This ensures your legitimate high-volume operations never trigger false kills, and keeps the scoring engine focused on what matters.

Tier 2 — Deterministic Rules
Policy violations trigger immediate action — no ML needed

Two sub-tiers handle clear-cut cases without waiting for the AI model. Sensitive table breaches — any query touching tables you have flagged as protected (PII, financial records, credentials) that doesn't come from a trusted account — are terminated immediately. Long-running query detection flags queries that have been active beyond your configured threshold, catching connection pool exhaustion attacks and slow data extraction in progress.

Tier 3 — ML Risk Scoring
AI scores everything the rules don't catch

Queries that pass through Tier 1 and Tier 2 are scored by a trained XGBoost model against your own historical query baseline. The model learns what normal looks like for your actual users and workloads — and continuously retrains on new audit data. Queries that score above your risk threshold are terminated and logged. The model stays inside your subnet. It never leaves.

Sleep Attacks & Connection Pool Exhaustion

One threat category that deserves special mention is sleep-based attacks — sometimes called database DoS attacks. An attacker who has obtained even limited database access can issue queries like SELECT pg_sleep(3600) or WAITFOR DELAY '01:00:00' — commands that tell the database to do nothing for an hour while holding a connection open.

Run enough of these concurrently and your connection pool is exhausted. Legitimate application traffic starts timing out. Your database becomes unavailable. This is a denial-of-service attack executed entirely through normal SQL syntax — and because no data is actually being read, many traditional tools never see it as a threat at all.

🔒 How DBSheriffAI handles sleep attacks

DBSheriffAI catches sleep attacks through two independent mechanisms: (1) Keyword detection — sleep function names across all six database engines are in the risk signal library and trigger Tier 2 scoring immediately. (2) Long-running query threshold — any query exceeding your configured MAX_QUERY_SECONDS is force-terminated regardless of its content. A query sleeping for an hour never survives past the threshold kill. Both layers fire independently, so even a novel sleep variant that bypasses keyword matching still gets caught by the timer.

How It Compares to What You Already Have

The table below is not meant to diminish any existing tool. Your SIEM, your DLP, your firewall — they are all doing exactly what they were designed to do. The point is that they were not designed for this specific window. DBSheriffAI was.

Capability Traditional Security Tools DBSheriffAI
Detection timing After query completes ✓  While query is running
Can terminate the threat ✕  Alert only ✓  Kills connection instantly
Query data stays in your network Varies — many send logs out ✓  100% private subnet
AI risk scoring per query ✕  Rule / signature based ✓  ML scored in real time
Detects sleep / DoS attacks ✕  Not database-layer aware ✓  Keyword + timer, both fire
Model trained on your data ✕  Generic signatures ✓  Self-learns your workload
Replaces existing tools ✓  Adds a layer — replaces nothing

The Private Subnet Guarantee

Most security products — including many that claim to be "on-premises" — have some form of telemetry, license check, or cloud-side dashboard that requires outbound connectivity. DBSheriffAI has none of these.

Every component — the query producers, the streaming pipeline, the AI scoring engine, the model training system, the kill agent, the audit logger — runs inside your own infrastructure. There is no call home. No vendor dashboard. No cloud API. DBSheriffAI operates in fully air-gapped environments where there is zero internet connectivity, because it was designed that way from the start.

🔒 What this means in practice

No GDPR data processor agreement needed. Your query text never leaves your perimeter, so DBSheriffAI does not become a data processor under GDPR. No HIPAA Business Associate Agreement. No PHI ever reaches a vendor system. No PCI scope expansion. The product does not touch cardholder data networks from outside. These are not marketing claims — they are direct consequences of the architecture.

Who Should Be Looking at This

If you have compliance obligations — PCI-DSS, HIPAA, SOC 2, ISO 27001 — and databases that hold sensitive data, the live query window is an audit finding waiting to happen. Auditors are increasingly asking: "What would happen if a privileged user ran a bulk export right now? How would you know? How would you stop it?"

If you are in financial services, healthcare, or any regulated industry where data residency matters, the zero-data-leaving-your-perimeter architecture is not a nice-to-have — it is a requirement. DBSheriffAI was built for exactly these environments.

And if you have already been through a data breach, or come close to one, you know that the question is not whether your perimeter will ever be breached — it is what you have watching the inside when it happens.


See DBSheriffAI in Your Environment

We demonstrate DBSheriffAI in a private technical session — showing live detection, real-time scoring, and query termination against a test database. No marketing slides. No generic demo environment. Your architecture, your questions.

Request a Private Demo Full Product Details →
▶  Related Article
Detect Risk, Flag Anomalies & Neutralize Threats in Real Time — With AI Agents

The same AI pattern that powers real-time credit card fraud detection can be applied to database threat detection. How the four-stage pipeline works — and why it runs identically on any cloud or on-premises.

Read article →