Announcement: Oracle DBSAT 2.2.2 is now GA

August 16, 2021 | 2 minute read
Pedro Lopes
Product Manager
Text Size 100%:

We are happy to announce the latest release of the popular Database Security Assessment Tool (DBSAT) that helps identify areas where database configuration, operation, or implementation introduces risks and subsequently recommends changes and controls to mitigate those risks. DBSAT helps assess how securely the database is configured, determines who the users are and their respective entitlements, and identifies where sensitive data resides within the database. DBSAT 2.2.2 remains, as always, a free tool for Oracle Database customers.

DBSAT already has offered focused security and compliance checks of Oracle Database starting 11.2.  Our new DBSAT 2.2.2 release can now differentiate between on-premises Oracle Databases, Oracle Autonomous Databases (Shared and Dedicated), and Oracle Database Cloud Services (DBCS). Depending upon the database target type, DBSAT performs different checks and provides target-specific remarks. DBSAT 2.2.2 has also added new checks, improved the accuracy of the existing checks, and clarified several remarks.

Oracle DBSAT 2.2.2 introduces

  • Specific checks and targeted recommendations for on-premises Oracle Database and cloud databases such as Oracle Autonomous Database (Shared and Dedicated) and Oracle Database Cloud Service (DBCS).
  • Checks that included the DBA role now also check the PDB_DBA role.

New checks

  • USER.GPR - Provides recommendations for the Gradual Password Rollover feature.
  • CRYPT.DBFIPS - Checks if the parameter DBFIPS_140 is set to true.

Improved checks

  • INFO.PATCH - Now considers patching details of the Autonomous Database.
  • CRYPT.TDE - Now lists how many days have passed since the master encryption key was last rotated.
  • CONF.BKUP - Improved accuracy. Checks were also improved to better assess the frequency of backups in Autonomous Databases.
  • CONF.DIR - Directory objects that pose a risk now appear at the top of the details section.
  • AUTH.DV - Improved to focus on user-created Database Vault policies.

More details can be found in the release notes.

Download and run Oracle DBSAT 2.2.2 today.

Pedro Lopes

Product Manager

Pedro Lopes is a Field Product Manager in the Oracle Database Security group. He covers Europe, Middle East, and Africa (EMEA), and Latin America regions for all Database Security features and products and manages the popular Oracle Database Security Assessment Tool, and Assessment technologies in Oracle Data Safe. He played numerous roles from Consulting to Presales during the last 20 years at Oracle. Pedro is helping customers to adopt Oracle Data Safe and to understand how Oracle Database Security solutions may help address EU GDPR and other regulatory requirements. Pedro’s certifications include CISSP, ITIL v3 Foundation, and International Project Management Association Level D (IPMA).

Show more
Oracle Chatbot
Disconnected