Security and compliance are top priorities for databases. To streamline security assessments and reduce the risk of a data breach, Oracle’s Database Security Assessment Tool version 3.1 (DBSAT) is now fully integrated with Oracle Enterprise Manager (EM). This new integration enables you to automate and perform fleet-wide automated security assessments with EM and obtain real-time visibility into database vulnerabilities and compliance risks. The Sensitive Data Assessment feature further enhances data classification and helps you strengthen your privacy protection.

Simplify Assessments across entire fleet of databases

Database security assessments are often performed manually by database making it difficult to maintain a consistent security posture across multiple environments. It is a tedious time-consuming job DBAs think the security team should do and the security team thinks DBAs should do.

Using EM with DBSAT 3.1 integration enables security teams and database administrators to:

  1. Automate and perform database security assessments at scale – conduct continuous vulnerability assessments across your entire database estate from a single dashboard
  2. Evaluate databases against security best practices and compliance frameworks, validate and attest compliance to the latest security best practices
  3. Protect sensitive data using the Leverage Sensitive Data Assessment report
  4. Enhance operational efficiency and control – simplify daily database security operations, respond faster to executive or audit requests and help eliminate the risk of manual human error or malicious employee insider

 

DBSAT
Figure 1:  Fast security and sensitive data assessment results

 

With increasing data volumes and database deployment complexity, large enterprises require a comprehensive and repeatable solution to replace time-consuming manual checking, improve audit readiness, and streamline database security operations. The DBSAT 3.1 integration with Enterprise Manager provides a comprehensive approach and addresses many key challenges enterprise face today, and delivers security at scale without adding more staff. DBSAT 3.1 can be deployed through Enterprise Manager’ Self-Update mechanism, ensuring seamless integration and up-to-date security assessments

Steps to access the Self-Update Mechanism- Deploy DBSAT 3.1 via EM Self-Update

  1. Prerequisites: Ensure you are using Enterprise Manager 13.5 RU24 or later or Enterprise Manager 24ai
  2. Oracle DBSAT Compliance Standard in Enterprise Manager is supported only on host platforms running Oracle Linux 7 or later 
  3. Navigate to the Self-Update Page: In Oracle Enterprise Manager, go to Setup > Extensibility > Self-Update
  4. Select Compliance content: Under Compliance Content category, view and apply available updates (see Figure 2)

 

Figure 2: Self update compliance updates
Figure 2: Self update compliance updates

 

  1. Check for Updates: Look for the Database Security Assessment Tool (DBSAT) 3.1.0 update.
  2. Download and Install: Select DBSAT 3.1, download it, and follow the on-screen prompts.

 

Figure 3: DBSAT 3.1 installed using Self Update
Figure 3: DBSAT 3.1 installed using Self Update

Verification of DBSAT 3.1.0 in Compliance Library

  1. In EM 13.5, navigate to Enterprise > Compliance > Library > Compliance Standards.
  2. Search for “Database Security Assessment Tool Standard (3.1.0)” compliance standard
Figure 4: DBSAT 3.1 standard availability in Enterprise Manager Library
Figure 4: DBSAT 3.1 standard availability in Enterprise Manager Library

 

The integration of DBSAT 3.1 with Oracle Enterprise Manager provides a powerful solution for safeguarding enterprise databases. With the self-update mechanism, you can effortlessly stay current with security standards, ensuring databases remain protected against evolving threats. By enabling continuous monitoring, DBSAT 3.1 helps mitigate risks, protect sensitive data, and simplify compliance. Start the self Update today.

This chapter contains the following sections:

Resources