Trustwave Database Security Knowledgebase (ShatterKB) 6.33 is now available. It introduces new checks for Cassandra and Cassandra.
New Checks - Cassandra
List all users
Description: Reports list of all users.
Risk: Informational
Credential Verification
Description:
Risk: Informational
Ensure client encryption is enabled
Description: Verify that 'client_encryption_options' is enabled.
Risk: Medium
Ensure Audit logging is enabled
Description: Verify Audit logging is enabled.
Risk: Medium
Ensure Cassandra Authorizer is enabled
Description: Verify the Authorizer parameter is set to 'CassandraAuthorizer'.
Risk: Medium
Ensure server encryption for internode is enabled
Description: Verify that 'internode_encryption' option under 'server_encryption_options' parameter is not set to 'none'.
Risk: Medium
Ensure Data at rest encryption is enabled
Description: Verify that 'transparent_data_encryption_options' option is set to 'true'.
Risk: Medium
Cassandra - CVE-2021-44521
Description: Check the database version to determine if the patch for CVE-2021-44521 is missing.
Risk: High
List all super users
Description: Reports list of all super users.
Risk: Medium
Ensure password authentication is enabled
Description: Verify the Authenticator option is set to 'PasswordAuthenticator'.
Risk: Medium
Ensure Cassandra network authorizer is enabled
Description: Verify that 'network_authorizer' is set to 'CassandraNetworkAuthorizer'.
Risk: Medium
Credential Verification
Description:
Risk: Informational
Availability
Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost.
Download the SHATTER Knowledgebase from the Trustwave Support Portal (go to https://www.trustwave.com/company/support/ and select AppDetectivePRO or DbProtect).
AppDetectivePRO customers can also use the Updater within the product.