Software Updates

Database Security Knowledgebase Update 5.26

Written by | Apr 12, 2018 10:25:00 AM

Knowledgebase version 5.26 includes new checks for Oracle and IBM DB2 LUW, updates to two IBM DB2 LUW fix pack checks, and two updated policies: CIS v2.2.0 for Oracle 11gR2 and Strict.

New Vulnerability and Configuration Check Highlights

IBM DB2 LUW

  • DB2 must initiate session auditing upon startup

o   Ensure that, at a minimum, there are audit policies defined for the AUDIT, CHECKING, CONTEXT, SECMAINT, SYSADMIN, VALIDATE, OBJMAINT, and EXECUTE categories.

o   Risk: Medium

  • Ensure Audit policy is defined at the Table and Database level

o   Ensure that, at a minimum, there are audit policies defined for the AUDIT, CHECKING, CONTEXT, SECMAINT, SYSADMIN, and VALIDATE categories.

o   Risk: Medium

  • Generate audit records when privileges/permissions are retrieved

o   Ensure that, at a minimum, there are audit policies defined for the CONTEXT and EXECUTE categories.

o   Risk: Medium

  • Generate audit records when security objects are accessed

o   Ensure that, at a minimum, there are audit policies defined for the AUDIT, CHECKING, CONTEXT, SECMAINT, SYSADMIN, and VALIDATE categories.

o   Risk: Medium

  • Generate audit records when unsuccessful attempts to retrieve privileges/permissions occur

o   Ensure that, at a minimum, there are audit policies defined for the CONTEXT and EXECUTE categories.

o   Risk: Medium

  • Integration with an organization-level authentication/access mechanism provides account management and automation

o   Verify that the database manager configuration parameter SRVCON_PW_PLUGIN is set to IBMLDAPauthserver.

o   Risk: Medium

  • Limit the number of concurrent sessions per user

o   Check that the configured limit on concurrent connections per user is acceptable under the organization's policies.

o   Risk: Medium

  • Protect against a user falsely repudiating having performed organization-defined actions

o   Ensure that audit policies are defined for the required application tables and/or the database.

o   Risk: Medium

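The DB2 LUW checks listed above all reduce to catalog state: which audit categories each policy records, where the policies are attached, and which server-side password plug-in is configured. The SQL below is an added illustration, not part of the release note or of the product's own check logic, of what a passing configuration looks like and how to verify it from the catalog. The policy name SEC_BASELINE and the table APP.PAYMENTS are assumed names; SYSCAT.AUDITPOLICIES, SYSCAT.AUDITUSE and SYSIBMADM.DBMCFG are standard DB2 LUW catalog and administrative views.

```sql
-- Added example; not from the release note. SEC_BASELINE and APP.PAYMENTS
-- are assumed names chosen for illustration. Requires SECADM authority.

-- 1. One policy covering every category the checks above require.
--    STATUS BOTH records successful and failed events; ERROR TYPE AUDIT
--    makes the audited operation fail if its audit record cannot be
--    written, so activity cannot proceed unrecorded.
CREATE AUDIT POLICY SEC_BASELINE
  CATEGORIES AUDIT    STATUS BOTH,
             CHECKING STATUS BOTH,
             CONTEXT  STATUS BOTH,
             EXECUTE  STATUS BOTH,
             OBJMAINT STATUS BOTH,
             SECMAINT STATUS BOTH,
             SYSADMIN STATUS BOTH,
             VALIDATE STATUS BOTH
  ERROR TYPE AUDIT;

-- 2. Attach it at the database level (session establishment, authentication
--    and privilege checks are recorded from database activation onward) and
--    to an application table for which the organization requires
--    non-repudiation. AUDIT statements take effect on COMMIT.
AUDIT DATABASE USING POLICY SEC_BASELINE;
AUDIT TABLE APP.PAYMENTS USING POLICY SEC_BASELINE;
COMMIT;

-- 3. Verify: list any policy with a category that is not audited at all.
--    Status codes: B = both, S = success only, F = failure only, N = none.
--    An empty result means every policy covers all eight categories.
SELECT auditpolicyname,
       auditstatus, checkingstatus, contextstatus, executestatus,
       objmaintstatus, secmaintstatus, sysadminstatus, validatestatus
FROM   syscat.auditpolicies
WHERE  'N' IN (auditstatus, checkingstatus, contextstatus, executestatus,
               objmaintstatus, secmaintstatus, sysadminstatus, validatestatus);

-- 4. Verify: where each policy is in use. OBJECTTYPE ' ' is the database
--    itself, 'T' a table. A database with no ' ' row here has no
--    database-level auditing and fails the session-auditing check.
SELECT auditpolicyname, objecttype, objectschema, objectname
FROM   syscat.audituse
ORDER  BY objecttype, objectschema, objectname;

-- 5. Verify the server-side password plug-in used for LDAP authentication
--    (the same value that `db2 get dbm cfg` prints as SRVCON_PW_PLUGIN).
--    The check passes when VALUE is IBMLDAPauthserver.
SELECT name, value, deferred_value
FROM   sysibmadm.dbmcfg
WHERE  name = 'srvcon_pw_plugin';
```

Audit records written under these policies land in the active audit log and are processed with db2audit archive and db2audit extract; the category list in step 1 is the union of the per-check minimums above, so a single policy satisfies all of them.
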
Oracle

  • Lockdown profile

o   Check that each pluggable database (PDB) has the PDB_LOCKDOWN parameter configured.

o   Risk: Informational

Updated Checks

IBM DB2 LUW

  • Fix Pack not installed on time

o   Adds support for DB2 11.1 Mod 3 Fix Pack 3.

o   Risk: High

  • Latest Fix Pack not installed

o   Adds support for DB2 11.1 Mod 3 Fix Pack 3.

o   Risk: High

Updated Policies

  • CIS v2.2.0 for Oracle 11gR2 - Audit (Built-In)

o   New check: Oracle: SQL92_SECURITY parameter not enabled (Risk: Low)

  • Strict - Audit (Built-In)

o   New check: Oracle: Lockdown profile (Risk: Informational)
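The two Oracle checks added to these policies, the PDB_LOCKDOWN check (Strict) and the SQL92_SECURITY check (CIS v2.2.0 for Oracle 11gR2), correspond to the settings below. This is an added example, not from the release note or the product: the profile name HARDENED_PDB and the PDB name APPPDB are assumed; the statements and the DBA_LOCKDOWN_PROFILES and V$PARAMETER views are standard Oracle (lockdown profiles from 12.2, SQL92_SECURITY from 11gR2 onward).

```sql
-- Added example; not from the release note. HARDENED_PDB and APPPDB are
-- assumed names. Lockdown profiles require Oracle 12.2 or later;
-- SQL92_SECURITY exists in 11gR2 and later.

-- 1. In CDB$ROOT: define a profile removing capabilities a PDB's users do
--    not need: reaching the network or the host OS from PL/SQL (UTL_TCP,
--    UTL_HTTP, UTL_FILE, ...) and connecting to the PDB directly as a
--    common user instead of entering through the root.
CREATE LOCKDOWN PROFILE hardened_pdb;
ALTER LOCKDOWN PROFILE hardened_pdb DISABLE FEATURE = ('NETWORK_ACCESS', 'OS_ACCESS');
ALTER LOCKDOWN PROFILE hardened_pdb DISABLE OPTION  = ('COMMON_USER_CONNECT');

-- Review what the profile actually restricts.
SELECT profile_name, rule_type, rule, status
FROM   dba_lockdown_profiles
WHERE  profile_name = 'HARDENED_PDB'
ORDER  BY rule_type, rule;

-- 2. Inside the PDB: attach the profile. PDB_LOCKDOWN is PDB-modifiable
--    and takes effect immediately for new statements.
ALTER SESSION SET CONTAINER = apppdb;
ALTER SYSTEM SET pdb_lockdown = 'HARDENED_PDB';

-- 3. Verify inside each PDB. An empty VALUE means no lockdown profile is
--    applied, which is the condition the "Lockdown profile" check reports.
SELECT name, value, ispdb_modifiable
FROM   v$parameter
WHERE  name = 'pdb_lockdown';

-- 4. SQL92_SECURITY. With FALSE (the 11gR2 default), a user holding only
--    UPDATE or DELETE on a table can still read it indirectly, because the
--    WHERE clause is evaluated without SELECT privilege, e.g.
--      UPDATE hr.employees SET last_name = last_name WHERE salary > 200000;
--    where the rows-updated count reveals which rows match. With TRUE,
--    such statements also require SELECT privilege on the referenced table.
SELECT name, value, isdefault
FROM   v$parameter
WHERE  name = 'sql92_security';

-- The parameter is static: change it in the spfile and restart the instance.
ALTER SYSTEM SET sql92_security = TRUE SCOPE = SPFILE;
```

Step 3 has to be run in each PDB (or the parameter read per container), since a profile defined in the root protects nothing until a PDB's PDB_LOCKDOWN names it.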

User Creation Scripts

There have been no changes in this release.

Availability

  • Available at no additional cost to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing.
  • AppDetectivePRO customers can also install the update with the Updater built into the product.