Click here to monitor SSC
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in
Home       Members    Calendar    Who's On

Add to briefcase

Scuba Security Audit Findings: 2005 Text formatting, unchecked buffers Expand / Collapse
Posted Friday, March 8, 2013 11:04 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Wednesday, November 23, 2016 2:41 PM
Points: 7, Visits: 204
I am a fairly new MS SQL database administrator, (with considerable SQL programmer/developer experience). My new company hired me fast because I was the best qualified database professional available immediately. They needed someone in here pronto to help them pass a federal security audit comming up early next month. The second week I was working, federal auditors came in here to run Scuba scans, (by Imperva), of our databases. I've managed to get a good momentum elliminating these findings and have only put my users on ice a couple of times in the month since then .

We only have a month left and now I have this annoying Scuba finding affecting my 2005 and 2008 databases - and thus endangering our audit success. Problem is, I can only find documentation on this issue for version 7 and 2000 - not 2005 or 2008. I had been working off my own Scuba scans and ignoring that finding. Today, we received the official report and it lists this issue, too. I imagined that the feds would comb through the Scuba findings and realize that that particular issue wasn't valid. I know, I know - how naive!

Has anyone ever effectively documented - or remidiated, if possible, this finding in Scuba? If so, I would greatly appreciate any guidance.

Thank you for your consideration and assistance!

- Jackie
9.0.5292 on 2003 R2 SP2
9.0.5069 on 2008 R2 Standard SP1
Post #1428705
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse