Another important option is the ability to purge the audited data periodically. Normally, we do not want to keep audited data for a long time. Scheduling provides you with the facility of purging data periodically.
System Vulnerabilities Assessment
DB Audit Expert can be used for assessment of common database security vulnerabilities. With the help of several wizards, you can simulate various types of database attacks commonly employed by hackers and computer viruses. The simulated attacks can help you to assess your database vulnerabilities, check for weak passwords and logins, check for installation of must-have security patches, and so on.
DB Audit Expert can use the following vulnerability assessment methods:
- Dictionary Attack
- Brute-force Attack
- Denial of Service Attack
- Buffer Overflow Attack
The screenshot below demonstrates a typical wizard dialog used by DB Audit Expert to prompt for connection and attack parameters, and to run the actual attack.
Each attack involves establishing multiple concurrent database connections or connection attempts. If you really want to stress-test your database, you can simultaneously start the attack from multiple workstations.
DB Audit uses database triggers for capturing data changes in database tables and generating email notifications when changes occur to sensitive data. The first step for installing the data change auditing is to select the database you want to audit. After selecting a database, all the user tables are listed. You can then select the tables you want to audit. By default, all the columns in the table, for all the users and for all applications, are audited.
If you don’t want to audit all data modifications, all columns, all users, or all applications, you don’t have to. The above screen shows you the many options available. For example, if you want to audit the salary column of the employee table, you have the option of selecting only the salary column by clicking the “columns” command button and then selecting only the salary column.