Our products examine relational databases and big data stores for configuration mistakes, identification and access control issues, missing patches, or any toxic combination of settings that could lead to escalation of privileges attacks, data leakage, denial of service (DoS), or unauthorized modification of data.
We provide unique, agent-less, unauthenticated (network port inspection), and authenticated (credentialed) assessment approach with no impact on the target data store. This multifaceted approach provides an accurate assessment of the security of relational database or big data store.
We also include a comprehensive and continuously updated library of relational database and big data store vulnerability and security configuration issues backed by Team SHATTER. Through built-in and customized policies, users can examine data stores for Vulnerability, Configuration, and User Rights issues.
Flexible Assessments: Tailored to your needs.
- Pre-packaged scan policies for regulatory compliance and leading security best practices.
- Pre-packaged frameworks such as DISA-STIG and CIS for a complete review of data security controls
- Definable parameters and exceptions to adapt to different environments.
Vulnerability Assessments: Identification of relational database and big data vulnerabilities.
- Default accounts and passwords
- Password strength verification
- Identification and password controls verification
- Verification of database and patch versions against known vulnerabilities.
- Buffer Overflow conditions that can cause a data store to crash or memory to be overwritten
- Denial of Services (DoS) vulnerabilities that can cause the data store to fail or stop responding to requests.
Configuration Assessments: Analysis of data store configuration security mishaps on every level including host operating system related issues.
- Identity and Access authentication method and implementation
- Database Communication Services and Network Configuration
- Implementation of data store system functions and procedures
- Remote Systems, Data Sources, and External Procedures accessibility and implementation
- Native Audit configuraton settings
- Operating System configuration settings of the resident data store
- Operating System host accessibility through data store features and capabilities
User Rights Assessments: In-depth investigation of user, group/role privileges, data ownership, and access controls.
- Database Administrator Accounts and Users with Special Privileges
- Users with Access to Sensitive Data, System Tables, and Powerful Objects
- Exhaustive privilege analysis of all accounts, and comprehensive illustration of object ownership chains.
- Identification of Public Roles, Guest Accounts, and Locked Accounts