Database Security

Protect the servers that hold the most valuable data - your database servers

Rapid7 provides database scanning and auditing capabilities to identify misconfigurations as well as vulnerabilities that could affect your databases; default accounts, default permissions on database objects such as tables, views, stored procedures, buffer overflows and denial of service are just some of the key database vulnerabilities that Rapid7 checks for using Nexpose's vulnerability database of more than 75,000 vulnerability checks and 22,000 vulnerabilities and Metasploit's exploit database - currently covering 663+ unique CVEs, wide range of targets with 723+ remote exploits, 369+ auxiliary modules and hundreds of payloads.

Rapid7 provides one-stop shopping for database security by combining the capabilities of Nexpose and Metasploit to ensure that you can:

• Audit the industry's widest range of databases for security, configuration and operational vulnerabilities, exploit root level access to collect evidence for reporting and ensure you secure you most valuable assets.
• Provide detailed reporting and remediation guidelines to your security staff so they have the insight they need to resolve issues quickly and easily.
• Ensure policy compliance with pre-defined policy report templates and a single-scan capability that check for both policy compliance and vulnerabilities in the same scan - streamlining security configuration assessment efforts for internal and external auditors.
• Verify and validate vulnerabilities and risks: Nexpose and Metasploit can use the results from the database scan to penetrate the operating system to find additional vulnerabilities that would otherwise be left hidden.

Rapid7 supports the industry's widest range of databases for vulnerability management and penetration testing, including: