VARUX DB Guard
VARUX DB Guard

Policy Control for Production Writes

Guard UPDATE/DELETE/DDL before it happens.

Deterministic Decisions
Policy-first outcomes
Approval Path
Human-in-the-loop
Evidence-Grade Audit
Traceable by design
request / classify / decide
SQL DELETE FROM prod_main.users;
risk delete_without_where
decision REQUIRE_APPROVAL
policy_version: v1.0 • reason_code: P-DEL-001
Features

Focused control for the write-path.

Proxy gate for production writes, with policy decisions you can prove.

Write-path Enforcement

Intercept UPDATE/DELETE/DDL at the gate.

Deterministic Policy Engine

Clear outcomes, stable reason codes.

Require Approval Workflow

Route risky actions to human review.

SQL Fingerprinting

Normalize queries for consistent policy hits.

Immutable Audit Trail

Evidence-grade records per request.

Context-Aware Decisions

Actor, host, env, scope, and intent signals.

How it works

A gate with receipts.

Every decision is logged with policy context, before execution.

Client

App / script / automation

DB Guard Gate

Classify + extract context

Policy Engine

ALLOW / BLOCK / REQUIRE_APPROVAL

Audit Store

Evidence per request_id

DB Adapter

Proxy execution if allowed

Response

Consistent outcome + metadata

Policies

Small rules. Big leverage.

Short policies, predictable decisions, zero drama.

Policy snippet

decision: REQUIRE_APPROVAL
when: DELETE without WHERE
scope: prod_main.*
Audit & Evidence

Traceability you can ship.

Every write request gets a stable identity and a reason.

request_id
per request trace
fingerprint
normalized query hash
policy_version
auditable policy state
reason_code
human-readable why

Audit log

req_9f2a • fp_31c9 • REQUIRE_APPROVAL • P-DEL-001
req_52b1 • fp_a07d • BLOCK • P-DDL-014
req_11d4 • fp_88e2 • ALLOW • P-UPD-003
Integrations

Designed as a proxy layer.

Works as a gate between clients and production databases.

Postgres Roadmap MSSQL Roadmap MySQL Roadmap

Make production writes boring again.

Policy-first. Observable. Safe-by-default.