Sentrigo Updates Repscan Vulnerability Assessment and Security Scanning Tool for Databases

Daabase security software adds data discovery capabilities, Microsoft SQL Server support

Note: ESJ’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.

Sentrigo, Inc. has released version 3.0 of its database vulnerability assessment and security scanning software. It incorporates new and improved features that allow users to more easily navigate, identify, and interpret critical data within an enterprise, and now includes Microsoft SQL Server support.

With more than 3,000 security verifications scanning Oracle and Microsoft databases and applications, Repscan is a comprehensive vulnerability assessment solution. Among the new product features is a graphical user interface thathas been completely redesigned to allow even security experts with limited database knowledge to run and interpret results. The product also adds powerful tools for penetration testing, as well as a database browser (with drill-down functionality) that allows interactive review of crucial database information.

Developed by security researcher, Alexander Kornbrust of Red Database Security, this new version offers deep database discovery capabilities, allowing enterprises to locate and identify databases on a network -- an important first step to scanning and protecting them. In addition, the product’s enhanced data discovery ability identifies which databases have sensitive information that is likely subject to compliance requirements.

“Often the toughest job in complying with a new standard or in protecting a database is figuring out which database tables contain the data you need to protect,” said Dan Sarel, vice president of products at Sentrigo. “Repscan’s new data discovery feature allows customers to find databases that contain payment card data, Social Security numbers, salaries, financial data, and more.”

Repscan complements and integrates with Sentrigo’s Hedgehog family of database activity monitoring software. Vulnerabilities discovered by Repscan can automatically generate protection rules and policies with Hedgehog, preventing exploit of identified weaknesses. Additional Repscan features include:

  • Current database version and patch level inventory
  • Scans for empty, weak, or default passwords from database users
  • Finds security gaps, such as hardcoded passwords, deprecated functions, and SQL injection vulnerabilities
  • Insecure PL/SQL code detection
  • Modified database object detection, including discovery of root kits and altered data detection (privileged and user tables)
  • Forensic trace discovery from common security and hacker tools

More information is available at http://www.sentrigo.com/repscan.