Application Security Inc. - Securing Business by Securing Enterprise Applications

home

client login

partner login

online store

search:

MOST POPULAR CONTENT

1.	Top Database Security Threats for 2008
2.	Database Security Best Practices for Federal Agencies
3.	PCI Compliance at the Database Level
4.	Forrester WAVE Summary Scorecard
5.	SOX Compliance and Database Security

ASAP Update: AppDetectivePro Update 5.4.3 - 19 June 2008

ENHANCEMENTS IN THIS ASAP UPDATE INCLUDE:

Product: AppDetectivePro

Oracle Checks
Sybase Support
SCAP

ORACLE

NEW! Critical Patch Update - April 2008
Examines if the database contains vulnerabilities fixed by the CPU.
Risk Level - High
NEW! OS_ROLES configuration parameter is NOT set to FALSE
Examines if the parameter is not set to FALSE.
Risk Level - Medium
NEW! Audit Table is not owned by SYS, SYSTEM or a protected account
Examines if the Audit Table is not owned by SYS, SYSTEM, or a protected account.
Risk Level - Medium
NEW! RESOURCE_LIMIT configuration parameter is NOT set to TRUE
Examines the configuration parameter to see if its set to TRUE.
Risk Level - Medium
NEW! Idle Time Resource Usage Limit
Examines if the limit is set to be less or equal to 15.
Risk Level - Medium
NEW! ML DB Protocol Server
Examines if the Oracle XML DB Protocol is enabled or not.
Risk Level - Medium
NEW! Database Demonstration Objects
Examines for the presence of default accounts and objects created for demonstration applications.
Risk Level - Medium
NEW! SYSDBA Privilege Assignments
Examines for SYSDBA privilege granted to unauthorized DBAs.
Risk Level - Medium
NEW! SQLNET.EXPIRE_TIME Parameter
Examines if the parameter is set to greater than 0 in the sqlnet.ora file.
Risk Level - Medium
NEW! _TRACE_FILES_PUBLIC undocumented configuration parameter is NOT set to FALSE
Examines if the parameter is not set to FALSE.
Risk Level - Medium
NEW! GLOBAL_NAMES configuration parameter is set to FALSE
Examines if the parameter is set to FALSE.
Risk Level - Low
NEW! Oracle Predefined Roles
Examines for predefined roles granted to non-DBA accounts.
Risk Level - Low
NEW! Database Creation SPOOLMAIN.LOG File
Examines for the presence of the SPOOLMAIN.LOG file.
Risk Level - Low
NEW! Role Permissions
Examines the alter, index, and reference privileges to granted roles.
Risk Level - Low
NEW! Redo Log Files configuration
Examines the number of redo log groups and files to be at least two.
Risk Level - Low

SYBASE

Added Target Database Support for Sybase ASE 15
Added Support for Adaptive Server Enterprise ODBC Driver (available with version 15 client driver)
UPDATED! Latest patch not applied Examines all the latest ESD's for 12.5.3, 12.5.4, and 15 Risk Level - High

SCAP

Added View SCAP Info component in UI
Added CPE Tag to XML reports

Return to ASAP™ Updates Listing