Sentrigo today announced Repscan version 3.0, a major new release of its database vulnerability assessment and security scanning software. The software, which began shipping last week, ought to incorporate new and improved features that allow users to more easily navigate, identify and interpret critical data within an enterprise, and now includes Microsoft SQL Server support.
With more than 3,000 security verifications scanning Oracle and Microsoft databases and applications, Repscan is the most comprehensive vulnerability assessment solution available. Among the new product features is a graphical user interface, which has been completely redesigned to allow even security experts with limited database knowledge to run and interpret results. The product also adds powerful tools for penetration testing, as well as a database browser (with drill-down functionality) that allows interactive review of crucial database information.
Developed by security researcher Alexander Kornbrust of Red Database Security, this new version now offers deep database discovery capabilities allowing enterprises to locate and identify databases on a network – an important first step to scanning and protecting them. In addition, the product’s enhanced data discovery ability identifies which databases have sensitive information that is likely subject to compliance requirements.
“Often the toughest job in complying with a new standard or in protecting a database is figuring out which database tables contain the data you need to protect,” said Dan Sarel, VP of products, Sentrigo. “Repscan’s new data discovery feature allows customers to find databases that contain payment card data, social security numbers, salaries, financial data and more.”
Repscan complements and integrates with Sentrigo’s Hedgehog family of database activity monitoring software, a solution for auditing and protecting corporate databases from privileged insiders as well as malicious hackers. Vulnerabilities discovered by Repscan can automatically generate protection rules and policies with Hedgehog, preventing exploit of identified weaknesses.
Additional Repscan features include:
- Current database version and patch level inventory
- Scans for empty, weak or default passwords from database users
- Finds security gaps, such as hardcoded passwords, deprecated functions, SQL injection vulnerabilities, and more
- Insecure PL/SQL code detection
- Modified database object detection, including discovery of root kits and altered data detection (privileged and user tables)
- Forensic trace discovery from common security and hacker tools
(Source: Sentrigo, Inc./GST)