Database Security Knowledgebase Update 5.33 includes a new check for MSSQL, a new policy, new Activity Monitoring rules and several updated policies.
New Vulnerability and Configuration Check Highlights
IBM DB2 LUW
• Check that permissions have not been granted to the public server role
o Risk: Medium
New Policies
• Database Best Practices
o This policy is intended for organizations that have no specific compliance or security requirement but still want to apply best practices for securing their databases.
Updated Policies
• Base Line - Audit (Built-in)
o New Checks
♦ Microsoft SQL Server: Permissions granted to the public server role: Medium
• Best Practices for Federal Gov. - Audit (Built-in)
o New Checks
♦ Microsoft SQL Server: Permissions granted to the public server role: Medium
• CIS Benchmark - Audit (Built-in)
o New Checks
♦ Microsoft SQL Server: Permissions granted to the public server role: Medium
• CIS v1.0.0 for SQL Server 2016 - Audit (Built-in)
o New Checks
♦ Microsoft SQL Server: Permissions granted to the public server role: Medium
• CNIL - Audit (Built-in)
o New Checks
♦ Microsoft SQL Server: Permissions granted to the public server role: Medium
• FedRAMP - Audit (Built-in)
o New Checks
♦ Microsoft SQL Server: Permissions granted to the public server role: Medium
• Strict - Audit (Built-in)
o New Checks
♦ Microsoft SQL Server: Permissions granted to the public server role: Medium
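The following is an added illustration of what the "Permissions granted to the public server role" check listed above evaluates; it is not Trustwave's check or its code. It assumes the input rows come from the SQL Server catalog views sys.server_permissions and sys.server_principals (the collection query is included as a string), and that the allow-list of stock grants (VIEW ANY DATABASE plus CONNECT on the built-in TSQL endpoints with ids 2 to 5) matches a default install; the sample rows are constructed.

```python
"""Flag grants to the SQL Server 'public' server role that go beyond the defaults.

Added example, not the product's own check. Every login is a member of
'public', so any extra GRANT here is effectively a grant to every login.
"""

# Query a DBA would run to collect the rows evaluated below
# (assumption: standard SQL Server catalog views).
COLLECT_QUERY = """
SELECT pe.class_desc, pe.major_id, pe.permission_name, pe.state_desc
FROM sys.server_permissions AS pe
JOIN sys.server_principals AS pr ON pr.principal_id = pe.grantee_principal_id
WHERE pr.name = N'public';
"""

# Grants present on a stock install (assumption; verify against your version).
# Tuple layout: (class_desc, major_id, permission_name)
DEFAULT_PUBLIC_GRANTS = {
    ("SERVER", 0, "VIEW ANY DATABASE"),
    ("ENDPOINT", 2, "CONNECT"),  # TSQL Local Machine
    ("ENDPOINT", 3, "CONNECT"),  # TSQL Named Pipes
    ("ENDPOINT", 4, "CONNECT"),  # TSQL Default TCP
    ("ENDPOINT", 5, "CONNECT"),  # TSQL Default VIA
}

# Constructed sample rows mimicking the columns returned by COLLECT_QUERY.
SAMPLE_ROWS = [
    {"class_desc": "SERVER", "major_id": 0, "permission_name": "VIEW ANY DATABASE", "state_desc": "GRANT"},
    {"class_desc": "ENDPOINT", "major_id": 4, "permission_name": "CONNECT", "state_desc": "GRANT"},
    {"class_desc": "SERVER", "major_id": 0, "permission_name": "VIEW SERVER STATE", "state_desc": "GRANT"},
    {"class_desc": "SERVER", "major_id": 0, "permission_name": "ALTER ANY LOGIN", "state_desc": "GRANT_WITH_GRANT_OPTION"},
    {"class_desc": "SERVER", "major_id": 0, "permission_name": "SHUTDOWN", "state_desc": "DENY"},
]


def revoke_statement(row):
    """Build the T-SQL that removes a finding (endpoint name must be looked up in sys.endpoints)."""
    perm = row["permission_name"]
    if row["class_desc"] == "SERVER":
        return f"REVOKE {perm} FROM [public];"
    if row["class_desc"] == "ENDPOINT":
        # Placeholder: resolve major_id to a name via sys.endpoints before running.
        return f"REVOKE {perm} ON ENDPOINT::[<endpoint-name-for-id-{row['major_id']}>] FROM [public];"
    return f"-- review manually: {row['class_desc']} {perm}"


def non_default_public_grants(rows):
    """Return the rows that widen public's access beyond DEFAULT_PUBLIC_GRANTS."""
    findings = []
    for row in rows:
        # DENY rows restrict rather than widen access; only GRANT variants matter.
        if not row["state_desc"].upper().startswith("GRANT"):
            continue
        key = (row["class_desc"].upper(), int(row["major_id"]), row["permission_name"].upper())
        if key in DEFAULT_PUBLIC_GRANTS:
            continue
        findings.append({**row, "remediation": revoke_statement(row)})
    return findings


def assess(rows):
    """Summarize as the check would: 'Pass' or a Medium-risk finding list."""
    findings = non_default_public_grants(rows)
    return ("Pass" if not findings else "Medium", findings)


if __name__ == "__main__":
    status, found = assess(SAMPLE_ROWS)
    print(status)
    for f in found:
        print(f["permission_name"], "->", f["remediation"])
```

Running the block against the constructed rows reports the two extra grants (VIEW SERVER STATE and ALTER ANY LOGIN with grant option) and ignores the stock grants and the DENY row; the remediation strings are starting points, and the endpoint placeholder must be resolved before they are executed.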
User Creation Scripts
• None in this release
Database Activity Monitoring - New Rules
• Persistent Cross Site Scripting attack within MS SQL Server
o Monitors for HTML script tags embedded within SQL INSERT or UPDATE statements. Script tags in data being written may indicate a SQL injection attempt.
o Risk: High
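As an added illustration of the detection logic behind the rule above (not Trustwave's rule or its implementation), the block below applies the same idea to a constructed list of captured SQL statements: only INSERT and UPDATE statements are in scope, and a statement is flagged when it contains an HTML script tag, matched case-insensitively and allowing whitespace after the angle bracket. The statement texts are constructed samples.

```python
"""Flag INSERT/UPDATE statements carrying an HTML <script> tag (persistent XSS rule).

Added example; not the product's rule. The matching mirrors the rule text:
scope to INSERT/UPDATE, then look for a script tag in the statement body.
"""
import re

RULE_NAME = "Persistent Cross Site Scripting attack within MS SQL Server"
RULE_RISK = "High"

# Statement must be an INSERT or UPDATE (leading whitespace tolerated).
DML_PATTERN = re.compile(r"^\s*(INSERT|UPDATE)\b", re.IGNORECASE)
# Opening or closing script tag; browsers accept mixed case and whitespace
# between '<' and the tag name is not valid HTML, but "<script " and "<script>" are.
SCRIPT_TAG_PATTERN = re.compile(r"<\s*/?script\b", re.IGNORECASE)

# Constructed sample of captured statements (not real traffic).
SAMPLE_STATEMENTS = [
    "INSERT INTO Comments (Body) VALUES ('Nice post!')",
    "INSERT INTO Comments (Body) VALUES ('<script>alert(1)</script>')",
    "UPDATE Profiles SET Bio = '<ScRiPt src=\"x.js\"></ScRiPt>' WHERE Id = 7",
    "SELECT Body FROM Comments WHERE Body LIKE '%<script%'",
    "UPDATE Docs SET Title = 'How we sanitize script tags' WHERE Id = 2",
    "INSERT INTO Comments (Body) VALUES ('&lt;script&gt;encoded&lt;/script&gt;')",
]


def is_in_scope(statement):
    """True for INSERT/UPDATE statements, the only ones the rule examines."""
    return DML_PATTERN.match(statement) is not None


def contains_script_tag(statement):
    """True when a literal <script or </script tag appears anywhere in the text.

    HTML-entity-encoded forms (&lt;script&gt;) are left alone: they are inert
    unless something decodes them later, so they would only add noise here.
    """
    return SCRIPT_TAG_PATTERN.search(statement) is not None


def evaluate(statements):
    """Return one finding per in-scope statement that contains a script tag."""
    findings = []
    for index, statement in enumerate(statements):
        if is_in_scope(statement) and contains_script_tag(statement):
            findings.append({
                "index": index,
                "rule": RULE_NAME,
                "risk": RULE_RISK,
                "statement": statement,
            })
    return findings


if __name__ == "__main__":
    for finding in evaluate(SAMPLE_STATEMENTS):
        print(f"[{finding['risk']}] #{finding['index']}: {finding['statement']}")
```

On the sample, the two statements that write a literal script tag (indexes 1 and 2) are reported; the SELECT is out of scope, the UPDATE that merely mentions "script tags" has no tag, and the entity-encoded value is ignored by design.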
Availability
• Available to all Trustwave AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost.
• Trustwave AppDetectivePRO customers can also apply the update with the Updater within the product.