RE: Database Vulnerability Scanners

["Rosado, Rafael (Rafael)" <rarosado () lucent com>]

There is also Symantec's Enterprise Security Manager (ESM) for Oracle and
Pentasafe's Vigilent amongst others.  Here is a link to Talisker's web site
that has a list of vulnerbility scanners for Databases.

Good Luck!

Rafael Rosado, CISSP, CISA
IT Security Manager
Caribbean and Latin America Region (CALA) &
Global Risk Assessment and Penetration Testing
Lucent Technologies O  
Corporate Security
Business Assurance and Risk Mitigation Services (B.A.R.M.S.) 
2400 SW 145th Avenue - Room 3S039
Miramar, Florida 33027 
+1 954-885-2176 (voice) *
+1 954-885-3861 (fax) * 
+1 954-648-3532 (mobile) or 9546483532 () mobile att net (text message) *
rarosado () lucent com (email) *

This electronic mail message contains information belonging to Lucent
Technologies, which may be confidential and/or legal privileged. The
information is intended only for the use of the individual or entity named
above. If you are not the intended recipient, you are hereby notified that
any disclosure, printing, copying, distribution, or the taking of any action
in reliance on the contents of this electronically mailed information is
strictly prohibited. If you receive this message in error, please
immediately notify us by electronic mail and delete this message.



-----Original Message-----
From: bsec [mailto:bsec () cotse net]
Sent: Friday, January 31, 2003 4:57 PM
To: SECURITY-BASICS () securityfocus com
Subject: Database Vulnerability Scanners


After doing a search on Google and some other security sites, it appears
that there are only two database vulnerability scanners on the market
right now - ISS's Database Scanner and Application Security, Inc's
AppDetective.  Are there any other database vulnerability scanners out
there?  Has anyone had experience with either of these two scanners?

Thanks in advance,
Brett