Trustwave Database Security Knowledgebase (ShatterKB) 6.29 is now available. It introduces new checks for MariaDB, PostgreSQL and MySQL.
New Checks - MariaDB
- Ensure session related global variables are correctly set
Description: Verify that the global variables max_statement_time, tcp_keepalive_interval, tcp_nodelay, tcp_keepalive_probes, tcp_keepalive_time are correctly set.
Risk: Low
- Ensure connect_event contains the value CONNECT
Description: Verify that connect_event contains the value CONNECT.
Risk: Medium
- Ensure query_event is set to ALL
Description: Verify that the audit event filter query_event is set to ALL.
Risk: Low
- Ensure idle_transaction_timeout is not set to '0'
Description: Verify that the MariaDB parameter is not set to 0
Risk: Low
- Ensure server_audit_active is not OFF
Description: Verify that global variable server_audit_active is not set to OFF.
Risk: Low
- Ensure Audit Filter Logging is Enabled and Configured Accordingly
Description: Verify that the MariaDB parameter is enabled and other desired associated filters (ie. connect_event, query_event, table_event) are also configured accordingly.
Risk: Low
- List audit filters and corresponding users
Description: Review the audit filters and ensure that they are correctly set with regards to their corresponding users.
Risk: Low
New Checks - MySQL
- Latest release not applied (Amazon Aurora)
Description: Check the database version to determine if the latest release has been applied.
Risk: High
New Checks - PostgreSQL
- Latest release not applied (Amazon Aurora)
Description: Check the database version to determine if the latest release has been applied.
Risk: High
Availability
- Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost.
- Download SHATTER Knowledgebase from the Trustwave Support Portal. (https://www.trustwave.com/company/support/ and select AppDetectivePRO or DbProtect)
- AppDetectivePRO customers can use the Updater within the product as well