Application Security Inc. - Securing Business by Securing Enterprise Applications

search:

MOST POPULAR CONTENT

1.	Top Database Security Threats for 2008
2.	Database Security Best Practices for Federal Agencies
3.	PCI Compliance at the Database Level
4.	Forrester WAVE Summary Scorecard
5.	SOX Compliance and Database Security

DbProtect AppRadar Filters™ - 13 June 2006

Oracle Critical Patch Update - April 2006

Empowers your organization to monitor activity surrounding those objects that are susceptible to the vulnerabilities addressed by this Critical Patch Update. Apply this filter to observe and understand how these susceptible objects are used within your environment.

Export xproc SQL Injection

Empowers your organization to monitor the procedures that are vulnerable to SQL injection. It is important to monitor these procedures as there are public exploits available.

Downloading and Applying Filters in DbProtect AppRadar

Unzip the zip file onto your desktop.
Login to the management console for DbProtect AppRadar.
Go to the Filters page by clicking on the "Filters" tab.
Find the Import Filters section and click on the "Import" button.
Select the "OracleAprilCPUFilters_20060613.xml" file to import. Click on "Import".
Repeat steps 4 and 5 to import the
Now we need to add those Filters to a Policy. Click on the "Policies" tab.
Find the Policy that you are using to monitor your target database and click the corresponding "Edit" button.
The Policy Editor window will open.
The left-pane of the Policy Editor contains a tree-view of all of the available Rules and Filters. Expand "Oracle Database" by clicking on the "+" sign.
The 3rd category from the top will be "Audit Events". Expand that category by clicking the "+" sign.
Scroll down until you find the "Stored procedure executed" Rule. There should be a "+" sign next to it. Expand that.
Now you should see the 2 Filters that were just imported: a) Export xproc SQL injection - vulnerable procedure usage (unpatched); and b) Critical Patch Update April 2006 - Vulnerable procedures usage.
To turn on those Filters, simply toggle their corresponding checkboxes until the check is visible.
Scroll back to the top in the pane with the tree, and click on "Save".
Now in the Policies page, find the Policy you just edited, and click on the "Deploy..." button to begin the deployment process. Deploying the Policy to the appropriate databases will immediately begin monitoring.