Oracle has announced the Oracle Database Security Assessment Tool (DBSAT) to help organizations assess the security configuration of their databases, identify sensitive data, and evaluate database users for risk exposure.
The new tool was explained in a blog post by Vipin Samar, senior vice president, Oracle.
“DBSAT is a simple, lightweight, and free tool that helps Oracle customers quickly assess their databases,” he writes. “Designed to be used by all Oracle database customers in small or large organizations, DBSAT has no dependency on other tools or infrastructure and needs no special expertise. DBAs can download DBSAT and get actionable reports in as little as 10 minutes.”
According to Samar, based upon decades of Oracle’s field experience in securing databases against common threats, DBSAT looks at various configuration parameters, identifies gaps, discovers missing security patches, and suggests remediation. It also checks whether security measures such as encryption, auditing, and access control are deployed, and how they compare against best practices. Beyond that, it also evaluates user accounts, roles, and associated security policies, determining who can access the database, whether they have highly sensitive privileges, and how those users should be secured.
Finally, said Samar, “DBSAT searches your database metadata for more than 50 types of sensitive data including personally identifiable information, job data, health data, financial data, and information technology data. You can also customize the search patterns to look for sensitive data specific to your organization or industry. DBSAT helps you not only discover how much sensitive data you have, but also which schemas and tables have them.”
DBSAT also helps provide recommendations to assist with compliance with regulations regarding data management such as the European Union General Data Protection Regulation (EU GDPR) that calls for impact assessments and other enhanced privacy protections. DBSAT can highlight findings that are applicable to EU GDPR and the Center for Internet Security benchmark.
To read the blog post, go here.