Let’s talk about database vulnerabilities.


We have an application and, of course, a database behind it. Is that database safe? To answer this question we need a tool, something that can help us identify vulnerabilities and fix them.

So, please meet IBM Guardium.

IBM Guardium Vulnerability Assessment scans data infrastructure (databases, data warehouses and big data environments) for vulnerabilities and suggests remedial actions. It identifies exposures such as missing patches, weak passwords, unauthorized changes and misconfigured privileges, and produces full reports together with suggestions for addressing each finding. It also detects behavioral vulnerabilities such as account sharing, excessive administrative logins and unusual after-hours activity, flagging threats and security gaps in databases that an attacker could exploit.
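To make the "behavioral vulnerabilities" concrete, here is an added example (not Guardium code, and not the product's own log or report format) of the three checks named above run over a constructed database audit log: account sharing (one account logging in from several client hosts within a short window), excessive administrative logins, and privileged activity outside business hours. The log format, the list of privileged accounts, the business-hours window, the thresholds and the severity assigned to each finding are all assumptions made for the example; each finding carries the test name, severity and recommended action in the shape a vulnerability report would show.

```python
"""Behavioral database checks over a constructed audit log (example code)."""
from collections import Counter, defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample audit log. The whitespace-separated layout
# "timestamp user client_host action" is an assumption for this example.
SAMPLE_LOG = """\
2024-03-11T09:02:11 app_svc 10.0.5.21 LOGIN
2024-03-11T09:02:14 app_svc 10.0.5.21 SELECT
2024-03-11T09:05:40 dba_admin 10.0.9.7 LOGIN
2024-03-11T09:06:02 dba_admin 10.0.9.8 LOGIN
2024-03-11T09:07:30 dba_admin 10.0.9.9 LOGIN
2024-03-11T09:20:00 dba_admin 10.0.9.7 LOGIN
2024-03-11T09:31:00 dba_admin 10.0.9.7 LOGIN
2024-03-11T09:45:00 dba_admin 10.0.9.7 LOGIN
2024-03-11T10:15:00 sa 10.0.9.7 LOGIN
2024-03-11T23:41:05 sa 10.0.9.7 LOGIN
2024-03-11T23:42:10 sa 10.0.9.7 ALTER_USER
2024-03-12T08:00:00 report_ro 10.0.7.3 LOGIN
"""

ADMIN_ACCOUNTS = {"sa", "dba_admin"}  # assumption: privileged accounts in this environment
BUSINESS_HOURS = (7, 20)              # assumption: 07:00-20:00, Monday to Friday


@dataclass
class Event:
    ts: datetime
    user: str
    host: str
    action: str


@dataclass
class Finding:
    test: str
    severity: str        # Critical / Major / Minor, as in the report categories
    user: str
    detail: str
    recommendation: str


def parse_log(text):
    """Parse the constructed log into Events sorted by time; blank lines are skipped."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, host, action = line.split()
        events.append(Event(datetime.fromisoformat(ts), user, host, action))
    return sorted(events, key=lambda e: e.ts)


def account_sharing(events, window=timedelta(minutes=10), min_hosts=3):
    """Flag an account that logs in from >= min_hosts distinct hosts inside `window`."""
    findings, logins = [], defaultdict(list)
    for e in events:
        if e.action == "LOGIN":
            logins[e.user].append(e)
    for user, evs in logins.items():
        for i, start in enumerate(evs):           # sliding window over this user's logins
            hosts = {x.host for x in evs[i:] if x.ts - start.ts <= window}
            if len(hosts) >= min_hosts:
                findings.append(Finding(
                    "Account sharing", "Major", user,
                    f"{len(hosts)} client hosts within {window}: {sorted(hosts)}",
                    "Issue individual accounts and rotate the shared credential."))
                break                             # one finding per account is enough
    return findings


def excessive_admin_logins(events, admins=ADMIN_ACCOUNTS,
                           window=timedelta(hours=1), max_logins=5):
    """Flag a privileged account with more than max_logins logins inside `window`."""
    findings = []
    for user in sorted(admins):
        evs = [e for e in events if e.user == user and e.action == "LOGIN"]
        for i, start in enumerate(evs):
            n = sum(1 for x in evs[i:] if x.ts - start.ts <= window)
            if n > max_logins:
                findings.append(Finding(
                    "Excessive administrative logins", "Minor", user,
                    f"{n} logins within {window} starting {start.ts.isoformat()}",
                    "Review why the DBA account is used interactively; prefer named accounts."))
                break
    return findings


def after_hours_activity(events, admins=ADMIN_ACCOUNTS, hours=BUSINESS_HOURS):
    """Flag any action by a privileged account at the weekend or outside business hours."""
    findings = []
    for e in events:
        if e.user not in admins:
            continue
        if e.ts.weekday() >= 5 or not (hours[0] <= e.ts.hour < hours[1]):
            findings.append(Finding(
                "After-hours privileged activity", "Major", e.user,
                f"{e.action} from {e.host} at {e.ts.isoformat()}",
                "Confirm against change records; alert on privileged use outside the maintenance window."))
    return findings


def run_assessment(log_text):
    """Run all three behavioral checks and return the combined findings."""
    events = parse_log(log_text)
    return account_sharing(events) + excessive_admin_logins(events) + after_hours_activity(events)


def summarize(findings):
    """Count findings per severity, the way a report summary groups them."""
    return dict(Counter(f.severity for f in findings))


if __name__ == "__main__":
    results = run_assessment(SAMPLE_LOG)
    for f in results:
        print(f"[{f.severity}] {f.test} ({f.user}): {f.detail} -> {f.recommendation}")
    print(summarize(results))
```

On the constructed log the checks report dba_admin for account sharing (three hosts inside ten minutes) and for excessive logins (six inside an hour), and sa twice for after-hours activity, including an ALTER_USER at 23:42. Thresholds are the part to tune per environment: a pooled application account legitimately connects from every node in the pool, so exempt such accounts or raise min_hosts for them rather than living with false positives.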

Suppose we have a database. It can be Microsoft SQL Server, DB2, Oracle, MySQL, PostgreSQL, SAP HANA, Sybase, Teradata, MongoDB, etc.

First of all, we need to build a security assessment to check our database. We open the Security Assessment Builder and add the data source(s) we want to check (one or more).

The next step is to select the tests that we will use.

IBM Guardium uses preconfigured vulnerability tests covering Center for Internet Security (CIS) and Security Technical Implementation Guide (STIG) best practices, updated regularly through the IBM Guardium Knowledge Base service. It supports SCAP and can export results in SCAP format. The tests do not rely on intrusive exploits or on checks that can impact system availability, and results carry external reference information such as Common Vulnerabilities and Exposures (CVE) identifiers.

We select the tests we want to perform and run the assessment we just built:

And we get the results as a report.

In the summary the results are split into categories (Critical, Major, Minor, ...) that can be filtered using the sort controls, and a results history shows how the pass percentage improved as we applied the recommendations received.

In the detail view we have, for each test, its description, whether it passed or not, and, if not, the recommended action to fix the identified security problem.


Another option is to build a dashboard to see the results graphically.

And, in the end, we can build an audit process that runs the vulnerability assessment on our desired schedule and sends the report by e-mail to the selected people.

Want more info?

Florin FILE MITITA, Presales Team Leader

florin.file@mbd.ro