Key Database Security Functions

Vulnerability Assessment And Scanning

Representative vendors: Application Security, Fortinet, Guardium (owned by IBM), Imperva, Microsoft, Oracle, Sentrigo (owned by McAfee), Sybase

Vulnerability scanners--the most mature category of database security tools, according to Oltsik--report on risks such as stale accounts, default passwords, outdated patches, incorrect configurations, unwarranted user privileges, and so on. According to Forrester, 48 percent of enterprises surveyed in 2011 had deployed database vulnerability assessment tools, up 66 percent from 2008.

Companies are increasingly interested in tracking and managing the activities of --finding out, for example, what data they can see, manipulate and copy.