dbsec-凯发k8游戏

dbsec data security products and services

lower the data breach risks,prevent sensitive data from being threatened,and meet the requirements of laws and regulations

data security products series

dbsec database security assessment system（dsas）

product overview

dbsec database security assessment system (dsas) provides customers with security inspection solutions for both international and domestic mainstream databases. dsas discovers weak security configuration, risky code and weak password in their databases, analyzes and osmotically simulated attacks the known vulnerability. it exposes the security problems of current database system efficiently, and monitors the security status of databases persistently. dsas provides database security assessment reports and databases security hardening advices for customers after the inspection, which imporves database security significantly.

product values

compliance inspection

dsas provides inspection policies of information security technology-baseline for classified cybersecurity protection 2 and 3, and also supports database security inspection policies from various industries, such as the public security and the operator. dsas can be utilized in industry inspection and organization self-inspection.

database vulnerabilities discovery

the vulnerabilities of mainstream databases are exposed gradually and of a large number. the oracle vulnerabilities only exposed by cve reaches more than 1,200. dsas can inspect database vulnerabilities such as dbms vulnerability, default configuration, permission promotion vulnerability, buffer overflow, unupgraded patch, etc.

security risk discovery in using

according to investigations, half of the production business databases have default account and default password. in common attack cases, hackers usually only utilize the built-in security vulnerabilities of databases, which can be protected by improving basic security configuration.

database security monitoring

most users start to analyze reasons of their security event only after its happens. however, databases store a big number of complex data, parameters and user privilege informations, makes manual tracking and data analysis more complecated. dsas provides persistently monitoring capability for database security, bulid a solid security line, and reports security status in real time.

product advantages

accurate risk level

dsas provides customized vulnerability levels that meet the grading principle of cve and cnnvd standards, and consistent with international mainstream and professional tools.

comprehensive inspection scope

dsas supports over 1,900 security vulnerabilities and provides 5,327 security inspection points in total, while domestic ordinary security vendors can only inspect about 300 vulnerabilities and professional database vulnerability inspection tool can only inspect 600 to 700 vulnerabilities.

dsas supports many kinds of database types, including 7 internaltional mainstream databases and 3 domestic databases.

advanced inspection technologies

dsas supports many kinds of database auto-inspection technologies and network database discovery technologies. it provides database server discovery technology, database instance discovery technology, various dbms password generation technologies, more than 10,000 password blasting databases, and rapidly weak password inspection methods.

special database security monitoring

traditional vulnerability scaning products only used as database vulnerability inspection tools. dsas broke through the limit of traditional products, monitors the operating and maintenance security of database, including assess their security configuration, connection status, user changing status, privilege changing status, code changing status, etc. dsas bulids a solid security line, and provides security changing reports and analysis.

high self-security

dsas provides three kinds of users, they are administrator, operator and auditor, who have different privileges from each other and monitor each other. the scanning function of dsas can be performed by read-only account. database connection information and password are encrypted stored in the detection report.