MatriXay Database Vulnerability Scanner V3.0

Transcription

1 MatriXay Database Vulnerability Scanner V3.0 (DAS- DBScan) The best database security assessment tool 1. Overview MatriXay Database Vulnerability Scanner (DAS- DBScan) is a professional tool with own patent. DAS- DBScan offers a comprehensive audit and total protection solution that prevents security vulnerabilities, including buffer overflow, Dos, privilege escalation, SQL injection, access bypass, weak password DAS- DBScan tool assists users to fully understand potential security risk existing in database and self detect and assess the system security, so as to enhance the capability to resist various risks. 2. Function DAS- DBScan is combined by both frond- end program and scan engine. Engine main function is to access database you need to scan, execute scan request submitted by front- end and return scan result to front- end. Front- end function is interaction with users, its main modules include: management, scan management, report management, user rights management, rules management, logo management. Engine and front- end program can work separate with custom network communication protocol. Copyright DBAPPSecurity Ltd All Right Reserved Page 1 / 5

2 Product function modules diagram: UI New Edit Project Scan Report Open Scan Stop scan Template content In/Out porject Pause Scan show Preview Report export New user User Rule Log New Edit Log Edit user rulegroup rulegroup generation Log audit New role Edit role Assign rule item Role privilege Protocol analysis module Network transmission module Network Scan engine Database connection Core System data management ORACLE connection MSSQL connection Network transmission module Protocol analysis module System Information Management MySQL connection DB2 connection Informix connection... The scanning task processing module Scan results saved module Scan data management Rule management Utils Structure Front- end program: Front- end program enables interaction with users. Users can create scan tasks through front- end program and check returned scan result and export reports of scan result. Front- end function modules as follows:: n Project Management: Mainly enable the operation for creating, editing, opening, focus on scanned object management, including database types, IP, port, server etc. User can test connection by inputting username and Copyright DBAPPSecurity Ltd All Right Reserved Page 2 / 5

3 password. If connecting successfully, it means connect information correct and enables scanning immediately. n Scan management: Available to make start, pause, stop operations in the process of scanning, send commands to the engine and scan database user selects. Meanwhile, indicate the scan results returning from scan engine. n Report management: Provide report templates, report content selection, report preview, print and export. DAS- DBScan allows user to flexibly select report cover, statistics information to indicate report content, as well as available to print and export report with PDF, HTML, DOC, XLS format. n User right management: Provide assigning user right, role and users. Enable operation of addition, edition and deletion. n Rules management: Provide editing rules group, user can select a different rules group for specific scan. n Log management:das- DBScan will generate a log for each operation and save to the system. Meanwhile, DAS- DBScan provides auditing log function. Auditor can check previous operations from each user, including when administrator created a username, when a user scanned database etc. Scan engine: Scan engine handles scan query and returns scan result to front- end program. Function modules of scan engine: n Core Logic Module: Provide network operation and protocol analysis function. Handle scan tasks and query from front- end to get connect information. Invoke a connect engine of different database to connect database for scanning. Scan database upon rules group used in the scan query. n Database connect engine: DAS- DBScan provides access database engine with high efficiency and lightweight. Support Oracle, MSSQL, MySQL, DB2, INFORMIX etc. Copyright DBAPPSecurity Ltd All Right Reserved Page 3 / 5

4 3. Features n Data management module: Provide data management from the system, scan result and rules management, including user information, configuration information, information, rules and data management. n Authority rules: Entire, precise and latest vulnerability knowledge library is provided by authority security organizations. n In- depth vulnerability detection: Provide in- depth detecting weakness, misconfiguration, weak password, patch as well as precise assessment. n Supported complete database types:the system supports mainstream database types, including Oracle, MSsql, DB2, Informix, Mysql etc. n Perfect scan engine:scan engine ensures minimizing affection to database and server performance when the system works. n Flexible rules management: Rules are basis and standards of database detection. Rules management can make different detection standard flexibly as well as different rules upon customers specific requirement. Available to add custom rules as rules library extension. n Users management: The product defaults to divide users to three types: administrator, auditor and operator. Administrator can assign role right to auditor and operator. Auditor can audit operation logs. Operator can make relevant operation upon assigned right. n Log management: Record each operation in process. Provide searching and checking operation information as well as exporting logs information to save it with CSV format. n Rich Scan reports: Scan result is indicated to user by flexible reporting. Support exporting report with various formats. Provide classification of vulnerabilities, relevant strengthening proposal and custom report content. n Easy operation: Provide wizard mode to assist user to easily finish configuration of scan. Copyright DBAPPSecurity Ltd All Right Reserved Page 4 / 5

5 Product Interface Copyright DBAPPSecurity Ltd All Right Reserved Page 5 / 5