Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

6/29/2010
12:04 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Sentrigo Adds DB2, MySQL Support To Vuln Assessment And Security Scanner

Version 3.5 extends vulnerability scanning to additional database environments

SANTA CLARA, Calif.—June 29, 2010—Sentrigo, Inc. the innovator in database security software, today announced that its leading database vulnerability assessment and security scanning software solution, Repscan, has extended support to include IBM DB2 and MySQL environments. Version 3.5 also includes several new features that allow for faster and more efficient protection of sensitive data.

The Repscan vulnerability assessment and security scanning solution now supports all of the most widely deployed DMBS platforms including Oracle, Microsoft SQL Server, IBM DB2 and MySQL databases. Repscan’s automated testing for more than 3,000 potential vulnerabilities is the most comprehensive vulnerability assessment solution currently available. Reports from Repscan help demonstrate compliance for audit purposes, and improve security overall for an enterprise’s most valuable data.

In addition to its broad database support, Repscan now features a quick vulnerability check based on a port scan, which works with all supported databases to provide an initial view of potential threats immediately, until a more detailed and time-intensive scan can be completed. Running on any of Repscan’s supported platforms, customers also have access to penetration testing tools, forensic trace analysis, and a powerful database browser which allows security staff without specific database knowledge to test and evaluate database security.

“By adding support for DB2 and MySQL, Repscan allows organizations with any of the most widely-deployed database environments to gain a detailed view of their current security posture,” said Dan Sarel, vice president of products at Sentrigo. “Combined with a rich set of new and existing features that allow for superior ease-of-use and ongoing management, Repscan is the clear choice for organizations seeking a comprehensive vulnerability assessment solution. The more advanced features go well beyond traditional vulnerability management or assessment tools, providing PCI QSAs and ASVs, as well as other auditors and security consultants, with a comprehensive tool for conducting their tests.”

Repscan is able to detect database modifications, neglected patches, insecure system configurations, weak and default passwords, as well as exploitable PL/SQL code and forensic traces. Beyond simply listing vulnerabilities, the system organizes items by priority, and provides actionable recommendations for remediation based on input from leading security researchers.

The product complements and integrates with Sentrigo’s Hedgehog Enterprise database activity monitoring and compliance software—the industry’s leading software solution for auditing and protecting corporate databases from privileged insiders as well as malicious hackers. Vulnerabilities discovered by Repscan can automatically generate protection rules and policies within Hedgehog Enterprise, preventing the exploit of identified weaknesses.

For more information about Repscan, please visit http://www.sentrigo.com/repscan.

Tweet this: Sentrigo announces its Repscan vulnerability assessment solution now supports DB2 and MySQL environments

Follow Sentrigo on Twitter at: http://twitter.com/sentrigo

About Sentrigo

Sentrigo is a recognized innovator in database security solutions, offering a full suite of products for vulnerability assessment, virtual patching and database monitoring/auditing. The company’s flagship product, Hedgehog Enterprise, provides Database Activity Monitoring (DAM) and real-time Intrusion Prevention, protecting sensitive data from external threats and misuse by privileged insiders. Hedgehog can be quickly and easily deployed at small and midsize organizations, and scales to handle the largest enterprises, providing full visibility into all database activity and allowing enterprises to enforce security policy and comply with regulatory requirements, such as PCI DSS, Sarbanes-Oxley, and HIPAA. The company has won wide acclaim for its technology leadership from publications such as Network World and SC Magazine, and recently received the 2010 Global Product Excellence Award for Database Security from Info Security Products Guide. For additional information and to download Hedgehog, visit www.sentrigo.com.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Shane Buckley, President & Chief Operating Officer, Gigamon,  7/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...