New Vulnerability and Configuration Check Highlights
IBM DB2 LUW
• Generate audit events for all privileged activities or other system-level access
o Ensure that, at a minimum, there are audit policies defined for the AUDIT, CONTEXT, SECMAINT, SYSADMIN, and OBJMAINT categories.
o Risk: Medium
• Generate audit records for all direct access to the databases
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT and VALIDATE categories.
o Risk: Medium
• Generate audit records showing starting and ending time for user access to the databases
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT category.
o Risk: Medium
• Generate audit records when concurrent connections by the same user from different workstations occur
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT and VALIDATE categories.
o Risk: Medium
• Generate audit records when privileges/permissions are added
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT and SECMAINT categories.
o Risk: Medium
• Generate audit records when security objects are deleted
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT, SECMAINT, and OBJMAINT categories.
o Risk: Medium
• Generate audit records when security objects are modified
o Ensure that, at a minimum, there are audit policies defined for the OBJMAINT and SECMAINT categories.
o Risk: Medium
• Generate audit records when security objects are modified unsuccessful
o Ensure that, at a minimum, there are audit policies defined for the SECMAINT and OBJMAINT categories.
o Risk: Medium
• Generate audit records when successful accesses to objects occur
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT and EXECUTE categories.
o Risk: Medium
• Generate audit records when successful logons or connections occur
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT and VALIDATE categories.
o Risk: Medium
• Generate audit records when unsuccessful attempts to access categorized information
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT and SECMAINT categories.
o Risk: Medium
• Generate audit records when unsuccessful attempts to delete categorized information occur
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT and EXECUTE categories.
o Risk: Medium
• Generate audit records when unsuccessful attempts to execute privileged activities or other system-level access occur
o Ensure that, at a minimum, there are audit policies defined for the AUDIT, CONTEXT, SECMAINT, SYSADMIN, and OBJMAINT categories.
o Risk: Medium
Oracle
• Critical Patch Update/Patch Set Update - April 2018
o Check version to determine if the database contains vulnerabilities described by Critical Patch Update/Patch Set Update - April 2018.
o Risk: High
• Pluggable Database Operating System Credentials
o Verify that the PDB_OS_CREDENTIAL parameter for each PDB is set to a unique value.
o Risk: Low
MySQL
• Critical Patch Update - April 2018
o Check version to determine if the database contains vulnerabilities described by Critical Patch Update - April 2018.
o Risk: Medium
Updated Checks
MySQL
• Latest release not installed
o Support MySQL 5.5.60, 5.6.40, 5.7.22
o Risk: High
• Release update not installed on time
o Support MySQL 5.5.60, 5.6.40, 5.7.22
o Risk: High
Updated Policies
• Base Line - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Basel II - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Basel II - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Best Practices for Federal Gov. - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• CIS v1.0.0 for MySQL 5.7 - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• CIS v1.0.0 for Oracle 11gR1&R2 - Audit (Built-in)
o New Checks
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• CIS v1.0.2 for MySQL 5 - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• CIS v2.0 for Oracle 12c - Audit (Built-In)
o New Checks
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• CIS v2.2.0 for Oracle 11gR2 - Audit (Built-In)
o New Checks
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• CNIL - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• DISA-STIG Database Security - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• DISA-STIG Oracle 11gR2 V1R12 - Audit (Built-in)
o New Checks
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• DISA-STIG Oracle 12c V1R8 - Audit (Built-in)
o New Checks
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Download - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• EU Data Protection Directive - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• EU Data Protection Directive - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• FISMA - Audit (Built-in)
o New Checks
• Microsoft SQL Server: Database not encrypted: High
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• FISMA - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• FedRAMP - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Full - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Gramm-Leach-Bliley Act - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Gramm-Leach-Bliley Act - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• HIPAA - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• HIPAA - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Heavy - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Integrity - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Oracle: Pluggable Database Operating System Credentials: Low
• MITS - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Massachusetts 201 CMR 17.00
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Medium - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• MiFID - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• MiFID - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Operating System - Audit (Built-in)
o New Checks
• Oracle: Pluggable Database Operating System Credentials: Low
• PCI Data Security Standard - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• PCI Data Security Standard - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Safe - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Sarbanes-Oxley - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Sarbanes-Oxley - Pen Test (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Strict - Audit (Built-in)
o New Checks
• MySQL: Critical Patch Update - April 2018: Medium
• Oracle: Critical Patch Update/Patch Set Update - April 2018: High
• Oracle: Pluggable Database Operating System Credentials: Low
User Creation Scripts
• Added MongoDB user creation script (CreateSuperUserMongoDB.txt) to give ADMIN access to aduser, which is required for some checks.
• Updated MongoDB user creation script (CreateUserMongoDB.txt) to create a ReadOnly role for the aduser to give least privileges for most checks.
Availability
• Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost.
• AppDetectivePRO customers can also use the Updater within the product.