Actually now I look at the description "Database Vulnerability Scanner" that looks like Sentrigo functionality that we do use and I described below. On Feb 18, 2014 7:19 AM, "Niall Litchfield" <niall.litchfield@xxxxxxxxx> wrote: > We use DAM here and I'm pretty happy with it. You will likely find, much > as anyone who has ever turned on auditing finds, a large number of alerts > to start with until you get your rules sorted - each *use* of a privilege > or potentially insecure feature gets flagged - so you probably want to > limit access to the console to start with. If you search for Sentrigo > Hedgehog you'll no doubt find more user reviews and opinion. We don't yet > use it against SQL and we don't use the other product you mention so I'll > not comment on them > On Feb 17, 2014 8:01 PM, "Scott Canaan" <srcdco@xxxxxxx> wrote: > >> Our security office is looking at having the McAfee Database Activity >> Monitor and McAfee Database Vulnerability Scanner installed on all of our >> Oracle and SQL Server databases and servers. This is not the standalone >> configuration, but the configuration with the ePo server that would collect >> all of the information from each server and database and consolidate the >> information into a standard console that many people would have access to. >> >> >> >> Has anyone had any experience with either or both of these products? If >> so, do you have any concerns about the level of access the user has on the >> server and in the database? >> >> >> >> Thank you, >> >> >> >> Scott Canaan '88 (srcdco@xxxxxxx) >> >> (585) 475-7886 - work >> >> "Life is like a sewer, what you get out of it depends on what you put >> into it." - Tom Lehrer >> >> >> >