Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

6/29/2010
12:04 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Sentrigo Adds DB2, MySQL Support To Vuln Assessment And Security Scanner

Version 3.5 extends vulnerability scanning to additional database environments

SANTA CLARA, Calif.—June 29, 2010—Sentrigo, Inc. the innovator in database security software, today announced that its leading database vulnerability assessment and security scanning software solution, Repscan, has extended support to include IBM DB2 and MySQL environments. Version 3.5 also includes several new features that allow for faster and more efficient protection of sensitive data.

The Repscan vulnerability assessment and security scanning solution now supports all of the most widely deployed DMBS platforms including Oracle, Microsoft SQL Server, IBM DB2 and MySQL databases. Repscan’s automated testing for more than 3,000 potential vulnerabilities is the most comprehensive vulnerability assessment solution currently available. Reports from Repscan help demonstrate compliance for audit purposes, and improve security overall for an enterprise’s most valuable data.

In addition to its broad database support, Repscan now features a quick vulnerability check based on a port scan, which works with all supported databases to provide an initial view of potential threats immediately, until a more detailed and time-intensive scan can be completed. Running on any of Repscan’s supported platforms, customers also have access to penetration testing tools, forensic trace analysis, and a powerful database browser which allows security staff without specific database knowledge to test and evaluate database security.

“By adding support for DB2 and MySQL, Repscan allows organizations with any of the most widely-deployed database environments to gain a detailed view of their current security posture,” said Dan Sarel, vice president of products at Sentrigo. “Combined with a rich set of new and existing features that allow for superior ease-of-use and ongoing management, Repscan is the clear choice for organizations seeking a comprehensive vulnerability assessment solution. The more advanced features go well beyond traditional vulnerability management or assessment tools, providing PCI QSAs and ASVs, as well as other auditors and security consultants, with a comprehensive tool for conducting their tests.”

Repscan is able to detect database modifications, neglected patches, insecure system configurations, weak and default passwords, as well as exploitable PL/SQL code and forensic traces. Beyond simply listing vulnerabilities, the system organizes items by priority, and provides actionable recommendations for remediation based on input from leading security researchers.

The product complements and integrates with Sentrigo’s Hedgehog Enterprise database activity monitoring and compliance software—the industry’s leading software solution for auditing and protecting corporate databases from privileged insiders as well as malicious hackers. Vulnerabilities discovered by Repscan can automatically generate protection rules and policies within Hedgehog Enterprise, preventing the exploit of identified weaknesses.

For more information about Repscan, please visit http://www.sentrigo.com/repscan.

Tweet this: Sentrigo announces its Repscan vulnerability assessment solution now supports DB2 and MySQL environments

Follow Sentrigo on Twitter at: http://twitter.com/sentrigo

About Sentrigo

Sentrigo is a recognized innovator in database security solutions, offering a full suite of products for vulnerability assessment, virtual patching and database monitoring/auditing. The company’s flagship product, Hedgehog Enterprise, provides Database Activity Monitoring (DAM) and real-time Intrusion Prevention, protecting sensitive data from external threats and misuse by privileged insiders. Hedgehog can be quickly and easily deployed at small and midsize organizations, and scales to handle the largest enterprises, providing full visibility into all database activity and allowing enterprises to enforce security policy and comply with regulatory requirements, such as PCI DSS, Sarbanes-Oxley, and HIPAA. The company has won wide acclaim for its technology leadership from publications such as Network World and SC Magazine, and recently received the 2010 Global Product Excellence Award for Database Security from Info Security Products Guide. For additional information and to download Hedgehog, visit www.sentrigo.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: -when I told you that our cyber-defense was from another age
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-3350
PUBLISHED: 2019-11-19
masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping.
CVE-2011-3352
PUBLISHED: 2019-11-19
Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename' parameter by setting default, modifying and deleting themes. A remote attacker with Zikula administrator privilege could use this flaw to execute arbitrary HTML or web script code in the context ...
CVE-2011-3349
PUBLISHED: 2019-11-19
lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation.
CVE-2019-10080
PUBLISHED: 2019-11-19
The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services (via XXE) and reveal information such as the versions of Java, Jersey, and Apache that the NiFI ...
CVE-2019-10083
PUBLISHED: 2019-11-19
When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included details about processors and controller services which the user may not have had read access to.