RE: Security auditing tools

  • From: "CRISLER, JON A" <JC1706@xxxxxxx>
  • To: "nupendra@xxxxxxxxxxx" <nupendra@xxxxxxxxxxx>, "joel.patterson@xxxxxxxxxxx" <joel.patterson@xxxxxxxxxxx>, Oracle-L <oracle-l@xxxxxxxxxxxxx>
  • Date: Tue, 19 Jun 2012 15:24:03 +0000

Agree with DBProtect having a lot of features you are looking for, and McAfee 
also has some db security tools to check for patches, vulnerabilities etc.  I 
have not personally used DB Protect but other groups in my company have used it.

-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On 
Behalf Of Upendra N
Sent: Friday, June 15, 2012 7:30 PM
To: joel.patterson@xxxxxxxxxxx; Oracle-L
Subject: RE: Security auditing tools

Hi Joel,
I have been reviewing of tools similar that as well.. the notable ones that I 
have come across are Guardium (IBM purchased this some time ago) and DBProtect 
(A product from Application Security Inc.). Both of them provide very similar 
functionality.. We could audit the database binary for missing patches, known 
vulnerabilities, default passwords.  Guardium also says that it has tools to 
analyze the workload characteristics of a user and identify any deviations 
which might be a result of SQL Injection etc. 

Both of them let you configure real-time alerting based on several criteria. 
They both provide built-in reports which contains enough information for 
SOX/PCI/HiPAA compliance reporting.


BTW, for the 22 page document you are talking about.. did you build this 
yourself? 

Have you seen the 157 page document about Oracle Database security? ;) 
https://benchmarks.cisecurity.org/tools2/oracle/CIS_Oracle_11g_Benchmark_v1.1.0.pdf


-Upendra


> From: Joel.Patterson@xxxxxxxxxxx
> To: Oracle-L@xxxxxxxxxxxxx
> Date: Fri, 15 Jun 2012 11:03:08 -0400
> Subject: Security auditing tools
> 
> We are in the process of laying out a baseline of what and how the databases 
> and software should be set - as it pertains to security.
> Of course this encompasses everything from file permissions to account locks, 
> default passwords - and on and on as you might imagine.   I have already seen 
> a 22 page document listing.
> 
> Right away, I notice there are a couple items out of date, in this case 
> pertaining to passwords on the listeners.   Or, pertaining to listeners 
> again, creating separate listeners for everything on your server, from the 
> agent to administration purposes.    Or 'locking' the oracle account --- 
> etc....
> 
> What I would like from the list, if one is inclined to be so kind, is if 
> there are any good 'tools' that anyone uses, that automates the process of 
> checking/auditing security.     Also, any up to date documents on issues 
> like, but not unlike, what I just brought up with the listeners.
> 
> Best Regards,
> 
> Joel Patterson
> Database Administrator
> 904 727-2546
> 
> 
> 
> --
> http://www.freelists.org/webpage/oracle-l
> 
> 
                                          
--
http://www.freelists.org/webpage/oracle-l


--
http://www.freelists.org/webpage/oracle-l


Other related posts: