Database Vulnerability & Configuration Management - the alerting and reporting of potential security weaknesses, either existing or being created, on data to close them off before anything damaging COULD happen.
Our Database Vulnerability & Configuration Management service will:
- Perform a proactive security posture assessment of existing database environment for Internal Audit, External Audit or Management
- Look at how configuration differs from policy
- Provide baseline & differencing of configurations to ensure that potential areas of threat to your databases are closed
- Compare with industry best practices
- Recommend hardening of controls for security purposes
- Privileged Users
- Identify current privileged users
- Identify privileged user entitlements
- User Accounts
- Identify and remove obsolete / dormant user accounts
- Validate password policies are enforced
- Database Configuration Security
- Review access to key database objects by roles / users
- Review access to key database objects by approved procedure vs SQL
- Review operating system configuration settings / changes
- Review Database Management Systems configuration settings / changes
- Review Database Management Systems versions / patch levels