Trustwave Database Security Knowledgebase (ShatterKB) 6.36 is now available. It introduces new checks for PostgreSQL, Microsoft Azure SQL Database, and DynamoDB.
New Checks - DynamoDB
- Read-only Permissions on DynamoDB backups
Description: Lists users with read-only permissions granted on DynamoDB backups.
Risk: Medium
- Read-only Permissions on DynamoDB import
Description: Lists users with read-only permissions granted on DynamoDB imports.
Risk: Medium
- Read-only Permissions on DynamoDB export
Description: Lists users with read-only permissions granted on DynamoDB exports.
Risk: Medium
- Read-write Permissions on DynamoDB indexes
Description: Lists users with read-write permissions granted on DynamoDB indexes.
Risk: Medium
- Read-write Permissions on DynamoDB table
Description: Lists users with read-write permissions granted on DynamoDB tables.
Risk: Medium
- Read-write Permissions on DynamoDB backups
Description: Lists users with read-write permissions granted on DynamoDB backups.
Risk: Medium
- List level permission on DynamoDB tables
Description: Lists users with 'List' level permissions granted on DynamoDB tables.
Risk: Medium
- Read-only Permissions on DynamoDB table
Description: Lists users with read-only permissions granted on DynamoDB tables.
Risk: Informational
- Read-only Permissions on DynamoDB stream
Description: Lists users with read-only permissions granted on DynamoDB stream.
Risk: Medium
- List level permission on DynamoDB backups
Description: Lists users with 'List' level permissions granted on DynamoDB backups
Risk: Medium
- List level permission on DynamoDB Import/Export
Description: Lists users with 'List' level permissions granted on DynamoDB Import/Export.
Risk: Medium
- Read-only Permissions on DynamoDB indexes
Description: Lists users with read-only permissions granted on DynamoDB indexes.
Risk: Medium
New Checks - Microsoft Azure SQL Database
- Users Permissions to Azure SQL database securable
Description: Verify which users and roles have permissions to Azure SQL Database securable.
Risk: Medium
- Ensure that the audit generates records when security objects are accessed
Description: Check if audit records are generated when security objects are accessed.
Risk: Medium
- Azure Active Directory as the authentication type
Description: Check if Azure Active Directory is configured as the authentication type.
Risk: Low
- Ensure that the audit generates records when unsuccessful attempts to access security objects occur
Description: Check if audit records are generated when unsuccessful attempts to access security objects occur.
Risk: Medium
- Ensure that the audit generates records when categorized information is accessed
Description: Check if audit records are generated when categorized information is accessed
Risk: Medium
- Ensure that the audit generates records when unsuccessful attempts to access categories of information occur
Description: Check if audit records are generated when unsuccessful attempts to access categories of information occur
Risk: Medium
- Database not encrypted
Description: Verifies that all databases are encrypted.
Risk: High
New Checks - PostgreSQL
- Vulnerability in PostgreSQL - CVE-2023-39417
Description: Check the database version to determine if the patch for CVE-2023-39417 is missing.
Risk: High
Availability
- Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost.
- Download SHATTER Knowledgebase from the Trustwave Support Portal. (https://www.trustwave.com/Company/Support/ and select AppDetectivePRO or DbProtect)
- AppDetectivePRO customers can use the Updater within the product as well