NGS Auditor is an enterprise class database vulnerability scanner, suitable for finding vulnerabilities in many of the most widely used databases. It uses a distributed architecture system based upon a repository, scan engine, scheduler and management console.

Contact us for your 30 day free trial.

The repository (on a SQL Server database) stores the settings, results, reports and schedules for each scan together with the relevant system configuration data. All data contained within the repository is encrypted.

The scan engines can be placed in discrete database segments (such as the DMZ) allowing security auditing from any point in the enterprise. Each scan engine runs vulnerability checks for each of the hosts and stores these results in a designated repository. Hosts that are to be scanned can be specified by the user, or the scan engine can perform host discovery based upon a range of IP addresses.

NGS Auditor can produce trend analysis and a wide selection of compliance auditing reports, including PCI, SOX, HIPAA, GLBA, FISMA Sans Top 20, CIS Benchmarks (SQL Server and Oracle) and the NSA Benchmark for SQL Server.

Features include;

• Distributed architecture
• Supported RDBMS systems to scan:
• • MS SQL Server 7/2000/2005/2008
  • Oracle 7r3/8i/9i/10g/11g
  • IDS Informix Dynamic Server 9x/10x/11x
  • MySQL
• Encryption of data within the repository
• Multiple distributed scanning engines
• • Scan Engines can be added as required to support growth
• Lights out automated function via built-in scheduling engine
• Role based access (Admin, Reporting, Scheduling etc.)
• Highly configurable policy based scanning hierarchy:
• • Grouping of systems to be scanned by
  • • System type (e.g. Database Server, Web Server, Network Device etc.)
    • System location (e.g. London, U.K., Europe, Dallas, U.S. etc.)
    • Client (for Service Providers)
  • Secondary grouping per client (for device type etc.)
  • Ad-hoc grouping as required by client
• Powerful reporting engine with separate reporting aimed at all the following:
• • Executive Management, Mid-Level Management
  • Security Management, Technical Security Staff
• Trend analysis via comparative reporting
• Multiple report formats (TXT, RTF, HTML, XML, External Database)
• Built-in compliance auditing covering:
• • PCI-DSS, SOX, HIPAA, GLBA
  • FISMA, SANS Top 20
  • NSA Benchmark for SQL Server
• Built-in risk dashboard and results analyser reporting tools

Contact us for your 30 day free trial of our leading vulnerability scanners.