The Assessment Module of Lumigent® Audit DB™
The assessment module of Audit DB provides continuous database assessment to deliver a comprehensive view of risk to data. After an initial assessment, a baseline is established and monitored for deviations. Any conditions of interest that deviate from the baseline issue an alert. Assessment data from databases across the enterprise is consolidated into a single repository for management and reporting.
A Continuous Approach
Unlike vulnerability scanners that only offer periodic database assessments, Audit DB is “always on”. As a result, areas of weakness and gaps in protection are identified immediately and can be secured before they are exploited.
More than 750 Checks
Audit DB provides assessment of database entitlements, security configurations, and vulnerabilities/exploits. More than 750 checks are performed, including:
- User authorizations and entitlements
- Role/privilege allocation
- RDBMS patch and version levels
- Vulnerabilities and exploits tied to CVE advisories
- Automated detection, notification, and deletion of expired or obsolete user accounts
- Object accessibility and definitions
- RDBMS accessibility, auditing, and security configurations
- Procedural source changes
- OS file system protections and parameter definitions
- And more…
Obsolete User Management
When employees leave or transition from an organization their accounts and entitlements often remain open. This leads to a common vulnerability found in many organizations that can result in an audit finding. More importantly, it subjects the organization to risk by leaving a point of access open to sensitive, corporate information. Audit DB removes this risk by identifying “obsolete” accounts and entitlements. The solution runs a scan to identify all users with access to database assets; it maps to an approved list of users and identifies accounts that don’t match. Access is then locked until the accounts can be reviewed – and removed if necessary.
