Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Tips Database Forum Rss Feed

» Database Journal Home
» Database Articles
» Database Tutorials
MS Access
SQL Scripts & Samples
» Database Forum
» Slideshows
Free Newsletters:

News Via RSS Feed

Rss Feed

Database Journal |DBA Support |SQLCourse |SQLCourse2

Featured Database Articles

Database News

Posted Feb 28, 2007

Imperva releases freeware database vulnerability scanner

By Steven Warren

Imperva, a provider of data security and compliance solutions for the data center, recently announced the release of a freeware database vulnerability scanner that detects vulnerabilities and misconfigurations for databases such as Oracle, SQL Server, Sybase, and DB2. This freeware tool is developed by the Imperva Application Defense Center (ADC), an internationally-recognized security research organization.

Security in Production databases often gets overlooked because the security staff is so caught up in making sure the operating system is patched that database security falls to the wasteland. Secure databases are just as important as secure operating systems. Databases contain very sensitive information such as social security numbers, credit cards, and financials. If this data is compromised, it could spell disaster for your corporate image.

With Scuba by Imperva, you can download the completely free java utility (Sun Java JRE 1.4+ ) to a client machine running Windows 98/NT/2000/XP and connect to a database server on your network. The free tool scans for vulnerabilities such as SQL injection, buffer overflow as well configuration issues such as weak passwords, unsafe processes, and unrestricted permission levels.

By simply entering the applicable IP address and proper database login credentials of the database you want to assess, Scuba runs over 351 assessment tests and generates an easy-to-read HTML or JAVA report that detects vulnerabilities and configuration weaknesses. The assessment report will also provide you a severity level (high, medium, and/or low) and whether the assessment run against the database passed or failed.

According to Amichai Shulman, CTO, Imperva, by increasing awareness of database vulnerabilities through its free offering of Scuba, Imperva can offer additional products for sale to help secure your infrastructure on the back end. He went on to say that using a tool such as Scuba allows the security professionals to empower database administrators (DBA) to make sure databases are as secure as possible with little or no effort taken away from a DBA’s day-to-day tasks.

Scuba by Imperva is currently available at www.imperva.com/scuba and is offered as a free download after registering. Download it today.

About Imperva

Imperva is a provider of data security and compliance solutions for the data center. The Imperva product line provides an automated and transparent approach to protecting and controlling sensitive data throughout transactional data systems. The Imperva database and Web application appliances are deployed in leading financial, retail, telecommunications, healthcare, and government organizations around the globe. Founded over five years ago by Shlomo Kramer, recently named one of the 20 luminaries who changed the network industry, Imperva is a solid, privately held company with growing revenues and backing from Accel Partners, Greylock Partners, US Venture Partners, and Venrock Associates. For more information, visit www.imperva.com.

» See All Articles by Columnist Steven S. Warren

Database News Archives

Latest Forum Threads
Database News Forum
Topic By Replies Updated
Efficient SQL Server Indexing by Design lcole 0 April 30th, 12:38 PM
Mine Oracle Database, SQL Server and Other Databases with Monarch Data Pump Pro V10.5 lcole 0 April 30th, 12:37 PM
Oracle Database and Oracle Fusion Middleware for Private Social Network Application lcole 0 April 30th, 12:31 PM
Oracle Database Maintains a Stronghold in the DBMS Market lcole 0 April 30th, 12:30 PM