ShareVulnerability Management and Configuration Audits
Recent database breaches have demonstrated how easy it is to exploit unpatched systems, gain access to accounts with default passwords, and leverage administrative rights to steal data. In addition, periodic configuration audits are needed for demonstrating compliance with internal standards and regulatory compliance mandates. SecureSphere enables centralized assessment of vulnerabilities, patches and configuration gaps.
| Key Capabilities | ||||||||||
|
To learn more, click on the Capabilities tab.
Vulnerability Assessment: Detect Exposed Databases
SecureSphere DAS provides a comprehensive list of over 1000 tests and assessment policies for scanning platform, software, and configuration vulnerabilities. The vulnerability assessment process, which can be fully customized, uses industry best practices such as DISA STIG and CIS benchmarks. It results in a set of detailed reports documenting vulnerabilities that put databases at risk, as well as configurations that deviate from defined standards.
Virtual Patching: Protect Before Patches Are Available
SecureSphere DAS enables protection against attempts to exploit vulnerabilities when deployed with SecureSphere Database Firewall (DBF). Customers can enable real-time security policies to block or alert on attempts to exploit vulnerabilities. This allows for immediate protection while patches are developed by the software vendors, thoroughly tested and safely deployed on the database servers.
Discovery and Classification: Locate Sensitive Data
SecureSphere DAS identifies where databases are located on the network and surfaces "rogue" databases. SecureSphere scans the databases for sensitive data that is the focus of security and compliance projects. The results highlight well-known and custom sensitive data types, and track their location down to the database object, row and column. Object and column level classification enables organizations to focus on data in scope for security and compliance projects and configuration of granular policies minimizing the resources required to support these projects.
User Rights Management: Find Excessive Rights
Enables automatic aggregation and review of user rights with the User Rights Management for Databases (URMD) add-on option. SecureSphere supports a focused analysis of rights to sensitive data and identification of excessive rights and dormant accounts based on organizational context, object sensitivity and actual usage. Using URMD organizations can demonstrate compliance with regulations such as SOX, PCI 7, and PCI 8.5 and reduce the risk of data breach.
Data Risk Analysis: Putting it All Together
SecureSphere DAS enables educated decision making by providing a combined analysis of vulnerabilities and affected sensitive data. SecureSphere calculates the risk associated with each data asset based on data sensitivity and the severity of platform and database vulnerabilities. A graphical dashboard with drill down capabilities supports risk-focused prioritization of risk reduction efforts.
Discovery and Assessment Server Specifications
| Specification | Description |
|---|---|
| Supported Database Platforms |
|
| Automated Discovery |
|
| Data Classification |
|
| Vulnerability Assessment |
|
| Enterprise Application Assessments |
|
| Compliance Assessments |
|
| Risk Management |
|
| Scheduling |
|
| Actions |
|
| Assessment Updates |
|
| Performance Overhead |
|
| Management |
|
| Role-Based Controls |
|
| Event Notification |
|
| Reports |
|
| Report Formats |
|
| Related Products |
