Database auditing involves observing a database so as to be aware of the actions of database users. Database administrators and consultants often set up auditing for security purposes, for example, to ensure that those without the permission to access information do not access it.

Auditing is the monitoring and recording of selected user database actions. It can be based on individual actions, such as the type of SQL statement executed, or on combinations of factors that can include user name, application, time, and so on. Security policies can trigger auditing when specified elements in an Oracle database are accessed or altered, including the contents within a specified object.

Database SecurityAuditing is typically used to:

To understand your organization’s security exposure, it is vital to conduct a thorough assessment of your database servers before deployment, and then on a defined regular schedule. We are experts at compliance auditing, detailed configuration reviews (host security assessment), and vulnerability assessments and penetration tests focused on different database platforms and technologies. Example - SQL, Oracle, Sybase, MySQL, DB2.

  • Enable future accountability for current actions taken in a particular schema, table, or row, or affecting specific content
  • Deter users (or others) from inappropriate actions based on that accountability
  • Investigate suspicious activity

    For example, if some user is deleting data from tables, then the security administrator might decide to audit all connections to the database and all successful and unsuccessful deletions of rows from all tables in the database.

  • Notify an auditor that an unauthorized user is manipulating or deleting data and that the user has more privileges than expected which can lead to reassessing user authorizations.
  • Monitor and gather data about specific database activities

    For example, the database administrator can gather statistics about which tables are being updated, how many logical I/Os are performed, or how many concurrent users connect at peak times.

  • Detect problems with an authorization or access control implementation

    For example, you can create audit policies that you expect will never generate an audit record because the data is protected in other ways. However, if these policies do generate audit records, then you will know the other security controls are not properly implemented.

To understand your organization’s security exposure, it is vital to conduct a thorough assessment of your database servers before deployment, and then on a defined regular schedule. We are experts at compliance auditing, detailed configuration reviews (host security assessment), and vulnerability assessments and penetration tests focused on different database platforms and technologies.

Example -

SQL, Oracle, Sybase, MySQL, DB2.