dbsec-k8凯发游戏

dbsec data security products and services
lower the data breach risks,prevent sensitive data from being threatened,and meet the requirements of laws and regulations
data security products series
dbsec database security assessment system(dsas)
product overview
dbsec database security assessment system (dsas) provides customers with security inspection solutions for both international and domestic mainstream databases. dsas discovers weak security configuration, risky code and weak password in their databases, analyzes and osmotically simulated attacks the known vulnerability. it exposes the security problems of current database system efficiently, and monitors the security status of databases persistently. dsas provides database security assessment reports and databases security hardening advices for customers after the inspection, which imporves database security significantly.
product values
compliance inspection
dsas provides inspection policies of information security technology-baseline for classified cybersecurity protection 2 and 3, and also supports database security inspection policies from various industries, such as the public security and the operator. dsas can be utilized in industry inspection and organization self-inspection.
database vulnerabilities discovery
the vulnerabilities of mainstream databases are exposed gradually and of a large number. the oracle vulnerabilities only exposed by cve reaches more than 1,200. dsas can inspect database vulnerabilities such as dbms vulnerability, default configuration, permission promotion vulnerability, buffer overflow, unupgraded patch, etc.
security risk discovery in using
according to investigations, half of the production business databases have default account and default password. in common attack cases, hackers usually only utilize the built-in security vulnerabilities of databases, which can be protected by improving basic security configuration.
database security monitoring
most users start to analyze reasons of their security event only after its happens. however, databases store a big number of complex data, parameters and user privilege informations, makes manual tracking and data analysis more complecated. dsas provides persistently monitoring capability for database security, bulid a solid security line, and reports security status in real time.
product advantages
accurate risk level
dsas provides customized vulnerability levels that meet the grading principle of cve and cnnvd standards, and consistent with international mainstream and professional tools.
comprehensive inspection scope
dsas supports over 1,900 security vulnerabilities and provides 5,327 security inspection points in total, while domestic ordinary security vendors can only inspect about 300 vulnerabilities and professional database vulnerability inspection tool can only inspect 600 to 700 vulnerabilities.
dsas supports many kinds of database types, including 7 internaltional mainstream databases and 3 domestic databases.
advanced inspection technologies
dsas supports many kinds of database auto-inspection technologies and network database discovery technologies. it provides database server discovery technology, database instance discovery technology, various dbms password generation technologies, more than 10,000 password blasting databases, and rapidly weak password inspection methods.
special database security monitoring
traditional vulnerability scaning products only used as database vulnerability inspection tools. dsas broke through the limit of traditional products, monitors the operating and maintenance security of database, including assess their security configuration, connection status, user changing status, privilege changing status, code changing status, etc. dsas bulids a solid security line, and provides security changing reports and analysis.
high self-security
dsas provides three kinds of users, they are administrator, operator and auditor, who have different privileges from each other and monitor each other. the scanning function of dsas can be performed by read-only account. database connection information and password are encrypted stored in the detection report.
网站地图