[OWASP-Bangalore] DB security

Bishan Singh c70n3r at gmail.com
Thu Sep 3 02:25:00 EDT 2009


AppDetective is a commercial tool that you could evaluate.

>From open-source there are plenty of them that could be plugged
together to give you some amount of testing. You can check some from
the BackTrack toolset. My understanding is they together are not as
comprehensive as AppDetective. But you know what you want so may be
open-source ones could do the job for you.

For standards & hardening, the vendor sites generally provide good
best practices & hardening guides that you could validate against.
Usual good resources are MSDN for SQL, red-security & Oracle for
Oracle.

On Wed, Sep 2, 2009 at 10:49 PM, S Sarika<s_sarika19 at rediffmail.com> wrote:
> Hi,
>
> Sorry I'm new to this mailing list. I would like to know more about Database
> security and the various compliance standards.
> Any tools that could be evaluated OR tools which can be downloaded and
> investigated?
>
>
> -Sarika
>
>
> On Mon, 31 Aug 2009 19:04:41 +0530 wrote
>>its a long list what exactly you need.......... please elobarateOn Mon, Aug
>> 31, 2009 at 3:11 PM, S Sarika <> wrote:
> Hi All,
>
> Could anyone tell me what are the possible DB compliance needs, an
> organization would require and meet?
> Can anyone help me with the following:
>
> DISA STIG
> FISMA
> HIPAA
> NERC
>
> Thanks,
> Sarika
>
>
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>
>
>
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>
>



-- 
Bish
http://bishankochher.blogspot.com


More information about the OWASP-Bangalore mailing list