Introduction
Omega DB Scanner Standalone is a security auditing tool and vulnerability assessment scanner. It has been designed to give the user the automated knowledge in performing the complex task of assessment, evaluation and improvement of the security posture of his mission critical Oracle database. Omega DB Scanner is an out-of-box, software-only solution. As the name implies, this Standalone and Free Edition is a simple client-side solution that is deployed on the user’s PC within minutes. Omega DB Scanner is Agent-less and accesses the target database in read-only mode.
New Features/Enhancements in 2.1:
1. Real item scan date delivered to Splunk SIEM highlighted
When a database is scanned for vulnerability, the Scan DateTime Start and End in UTC string format are extracted from the scanned database, made part of the scan dataset and also saved to disk. These new fields are not visible in the Scan data form, but they are part of the record-set that is send to Splunk. Furthermore, in the new Omega DB Scanner App for Splunk 1.5, the field _TIME is no more set with the Splunk record ingest time – but with the real time of the vulnerability scan of the Oracle database assessed.
Warning!
It will not be possible in form “Scan Data” to load from disk scans saved with the previous versions (2.0.1 and below) of this program that miss the two fields added. You will receive error “Scan load error: SCAN_DATA: Field „UTC_Start‟ not found”!
But it is possible to open “old” scans for comparison in the “Scans Comparison” form!
2. Changes in Scan Code description
Before 2.1.0:
Completed Scan completed successfully
System Error Scan failed with program error
Oracle Error Scan failed with Oracle error
2.1.0 And after:
Completed Scan completed successfully
Error Scan failed with program error
System Error Scan failed with Oracle error
Bug fixes in 2.1:
The following bugs (present in 1.8.1 and 2.0.2) are fixed in 2.1:
Bug 1:
In the form “Scans Comparison”, grid Baseline Scan, field Scan Code the Db Lookup Image Combo box has the wrong code for System Error, thus causing empty field value in the grid.
Bug 2:
In the form “Parameter Multiple Operations” fixes are applied in the Value Format Parameters and List Format Parameters grids for (multiple) check/uncheck operations to avoid un-saved records.