SQL Server Developer Center >
SQL Server Forums
>
SQL Server Security
>
Need help with vulnerability scanning & penetration testing
Need help with vulnerability scanning & penetration testing
- I need help in finding tools which will allow me to scan for vulnerabilities, monitor access rights, run penetration testing and monitor user activity on sql server 2008. I do not want to spend too much money so please suggest some inexpensive yet reliable tools.Thanks in advance_Justin
Answers
- I dont think there are tools with these kinds of functionlaity and come for free.
But anyway have you had a look at SQLSECURE ? I think this might be a very good option in your case.
Thanks, Leks- Marked As Answer byChunSong Feng -MSFTMSFT, ModeratorTuesday, November 10, 2009 3:02 AM
- Proposed As Answer byChunSong Feng -MSFTMSFT, ModeratorFriday, November 06, 2009 10:39 AM
- Justin,There are a lot of different security assessment tools available in the market. The best way is to google it and see which one best fits your needs.A while back I evaluated an audit tool 'Secure Auditor'. It lets you scan and audit your network for vulnerabilities and shows them in a report form. It also lets you run different penetration tests like dictionary attacks, brute force attacks and hybrid attacks and it has a user access rights auditor utility as well. You'll have to check out the software to see if it will help you monitor user activity. I suggest that you download the trial version and test it first.Melanie DeNittis
- Marked As Answer byChunSong Feng -MSFTMSFT, ModeratorTuesday, November 10, 2009 3:02 AM
- Proposed As Answer byMelanieDeNittis Monday, November 02, 2009 10:36 AM
All Replies
- I dont think there are tools with these kinds of functionlaity and come for free.
But anyway have you had a look at SQLSECURE ? I think this might be a very good option in your case.
Thanks, Leks- Marked As Answer byChunSong Feng -MSFTMSFT, ModeratorTuesday, November 10, 2009 3:02 AM
- Proposed As Answer byChunSong Feng -MSFTMSFT, ModeratorFriday, November 06, 2009 10:39 AM
- Justin,There are a lot of different security assessment tools available in the market. The best way is to google it and see which one best fits your needs.A while back I evaluated an audit tool 'Secure Auditor'. It lets you scan and audit your network for vulnerabilities and shows them in a report form. It also lets you run different penetration tests like dictionary attacks, brute force attacks and hybrid attacks and it has a user access rights auditor utility as well. You'll have to check out the software to see if it will help you monitor user activity. I suggest that you download the trial version and test it first.Melanie DeNittis
- Marked As Answer byChunSong Feng -MSFTMSFT, ModeratorTuesday, November 10, 2009 3:02 AM
- Proposed As Answer byMelanieDeNittis Monday, November 02, 2009 10:36 AM
