Cloud Security Perspectives and Insights

Announcing Oracle Database Security Assessment Tool (DBSAT) 2.2

Pedro Lopes
Product Manager

Contributed by Chetan Vithlani

“The world's most valuable resource is no longer oil, but data” - Clive Humby
As an Oracle Product Manager, I often meet customers. The one question that almost always comes up is, “Where do I start with database security?” My answer is always the same: “Run the Oracle Database Security Assessment Tool (DBSAT) before doing anything else.”

Oracle DBSAT enables organizations to quickly evaluate and improve their security posture by collecting and evaluating security-relevant database information, including:
- Security policies in place and critical gaps
- User privileges, including levels of access to sensitive data 
- Types and locations of sensitive data

DBSAT is one of Oracle’s most popular tools, and since the release of DBSAT 2.0 it has been downloaded by over 25,000 times. Today we are announcing the release of Oracle DBSAT 2.2, with additional features and capabilities to help your organization to improve your overall security posture, and decrease the risk exposure of your Oracle Databases.

Oracle DBSAT 2.2 introduces:
- Analysis of common and local privileges and roles granted in a pluggable database
- New findings:
      + Code Based Access Control (CBAC) roles and privileges granted to stored procedures, functions,             and packages
      + Roles with enabled Unified Audit policies
- Improved remarks for all findings
- Discoverer: Retrieval of Database username/password from SEPS (Secure External Password Store)
- Discoverer: Support for TNS_ADMIN and TNS aliases
- Discoverer: Sample pattern file for Greek language

DBSAT requires no special installation, is easy to use, and produces clear, understandable reports. From initial download to reviewing assessment reports is usually less than 30 minutes. Oracle is proud to offer DBSAT free to all Oracle Database customers. If you have not tried Oracle DBSAT yet, now is the time.

Download Oracle DBSAT today.

Join the discussion

Comments ( 1 )
  • Mark Dixon Monday, September 16, 2019
    DBSAT is a very useful tool for our customers to self-assess the security posture of their Oracle databases. In a toxic environment where well-funded bad actors use increasingly sophisticated tools to steal personal data and intellectual property, protecting data is crucial to the well being of both private and public sector organizations.

    Organizations must also prepare to be resilient and minimize the impact of cyber incidents when they occur. In that vein, DBSAT is a pivotal part of the new Oracle Cyber Resilience Assessment, which can help our customers prepare to "survive and thrive" in the face of cyber attacks.

    A brief Cyber Resilience data sheet can be downloaded here: https://www.oracle.com/a/ocom/docs/corporate/cyber-resilience-ds.pdf

    Mark Dixon
    Oracle Enterprise Architect, Information Security
    Strategy and Business Development
    North America Technology Division
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.