Oracle Audit Vault and Database Firewall Features

Database security posture management for Oracle Databases helps validate security posture and develop mitigation plans

Security assessment for Oracle Databases
  • Offers a fleet-wide, simplified view of database security assessments, along with the security findings and associated risks.
  • Define a security baseline and monitor deviations from your baseline security posture.
  • Discover what types of sensitive data you have and where they are located. Use this information to monitor activity and define policies.
  • Provide entitlement management to monitor individual user privileges and their drift.
  • Identify changes to stored procedures.

Track data access and modifications

  • Audit and monitor all types of activities: database, network-based SQL traffic, OS, Active Directory, REST, JSON, XML, CSV, and custom tables.
  • Detect data exfiltration attempts from databases.
  • Track before and after values for Oracle and Microsoft SQL Server databases with the associated primary key(s).
  • Centrally manage Oracle unified auditing and STIG- and CIS-compliant Oracle audit policies.

Support forensic analysis and manage notifications

  • Receive out-of-the-box reports for security and compliance regulations.
  • See powerful, interactive reporting with multiple filters and generate PDF/Excel reports.
  • Get immediate insight into the top user activities across multiple databases.
  • Use the policy-based alert engine to get notified of suspicious activities.
  • Use read-only auditor and improved separation of duty.

Manage unauthorized data access

  • Multi-stage database firewall inspects SQL traffic to accurately detect and optionally block unauthorized SQL, including SQL injection attacks.
  • Powerful policy engine that detects unauthorized access to sensitive tables.
  • Ability to easily profile an application’s behavior and block deviations.
  • Trusted path enforcement to the database based on specific OS users, client programs, client IP, and SQL categories.

Simplified operational management

  • Centralized management of AVDF deployment with embedded security.
  • Highly scalable architecture with high availability and disaster recovery.
  • Streamlined data retention with simplified lifecycle management.
  • SIEM/Syslog integration along with FIPS 140-2 mode support.
  • Agentless audit record collection for Oracle and Microsoft SQL Server databases.
  • Automation through command-line interface.
  • Minimal or predictable downtime during hardware or software updates and upgrades.