Free trial on database security assessment tool
ONE of the country’s leading solutions integrators, Radenta Technologies, a member of Oracle PartnerNetwork (OPN), is introducing the Oracle Database Security Assessment Tool (DBSAT) with a one-time free assessment valid until Dec. 15, 2023.
DBSAT is a command-line tool that helps identify areas where database configuration, operation or implementation introduces risks and recommends changes and controls to mitigate those risks. Applicable for databases on premise or in the cloud, DBSAT helps assess how securely the database is configured, determines who the users and their entitlements are, and identifies where sensitive data resides within the database.
DBSAT also considers existing regulatory compliance with Republic Act 10173, or the “Data Privacy Act,” protecting individual personal information and communications systems in the government and the private sector; and Cyber Security Philippines CERT recognized as the first registered Computer Response Team in the Philippines. The team is under the Division of the Software Engineering Institute at Carnegie Mellon University in Pennsylvania, United States.
How does an enterprise determine the strength of its data security? Oracle says, “think like a hacker.”
If the data is encrypted, someone needs to get into the database as an authorized user. Are there users using default passwords? Can someone escalate privileges? Is auditing on? Who has DBA-lie privileges? What are the known vulnerabilities of this database version? Have those been patched? Which packaged applications are running? Are they running with powerful system privileges? What type of sensitive data do they process?
These are the questions running inside a hacker’s mind. Owners, controllers or processors of data and organizations need to think similarly, that is, way before hackers target their databases.
The process does not stop here. Maintaining a solid security posture is not easy. Organizations struggle to assess the security of their databases due to a lack of database security expertise, shortage of time, a lack of proper prioritization, and misunderstanding of the risks. Database security knowledge may also be scattered between the database administrators and the IT security team.
DBSAT accelerates the assessment process by providing a view on how securely the database is configured, who are the users and what are their entitlements, what security policies are in place, what security controls are implemented, and where sensitive data resides. DBSAT then produces a series of findings that provides high-level status, risk levels, summary details and references.
The findings are provided in multiple formats, such as HTML, Microsoft Excel, JSON, and text file, so that organizations can incorporate the data as part of their configuration and risk management tools.
DBSAT can discover sensitive data. It scans the database metadata for sensitive data using customizable regular expression patterns. This provides organizations with an insight on how much data they have and where it resides, enabling them to apply appropriate access controls, auditing, masking and encryption.
Ask Radenta how Oracle DBSAT can best secure your databases through email at [email protected] or log on to www.radenta.com.
