- Chat with McAfee Ready to make a purchase or have questions before you buy? Chat with a McAfee expert. Available Monday to Friday.
- Contact Me
- Find a Reseller
- Get Security Notifications Now
- Call: 1-888-847-8766
Overview
McAfee Vulnerability Manager for Databases automatically discovers databases on your network, determines if the latest patches have been applied, and tests for common weaknesses such as weak passwords, default accounts, and other common threats. Vulnerability Manager for Databases conducts more than 4,700 vulnerability checks against leading database systems, including Oracle, SQL Server, DB2, and MySQL.
Clear visibility into database vulnerabilities — By improving visibility into database vulnerabilities and providing expert recommendations for remediation, Vulnerability Manager for Databases reduces the likelihood of a damaging breach, and saves money through better preparation for audits and compliance with regulatory mandates.
Risk evaluation from all known threat vectors — Unlike other products that overwhelm you with a myriad of minor threats hiding the critical issues that must be addressed, Vulnerability Manager for Databases evaluates risk from all known threat vectors and clearly classifies threats into distinct priority levels, provides fix scripts, and includes recommendations.
Centralized database security management — McAfee ePolicy Orchestrator (McAfee ePO) software provides end-to-end visibility, detailed alerts and reports, and is fully integrated with Vulnerability Manager for Databases.
Features & Benefits
Get unparalleled visibility into database security posture
Know exactly where risks are and how to minimize the likelihood of a breach by automatically discovering databases on the network, and conducting more than 4,700 checks for vulnerabilities.
Save time and money by reducing the need for external database security consultants
Get recommendations for remediation for the most high-priority vulnerabilities, in many cases augmented with fix scripts you can run to address any issues.
Gain access to more than 4,700 security verifications
Get comprehensive and up-to-date checks of the most popular database platforms reporting on meaningful criteria such as version/patch level, changed objects, modified privileges, and forensic traces from common hacker tools.
Discover databases and sensitive tables automatically
Find databases by scanning the network or by importing from existing tools, and identify tables containing restricted information based on preset patterns.
Check passwords quickly and efficiently
Use a variety of techniques to detect weak passwords and shared passwords, including hashed passwords (SHA-1, MD5, and DES), by downloading data for local analysis to avoid affecting database performance.
Get out-of-the-box regulatory compliance reports and custom reporting
View reports for PCI DSS and other regulations, as well as specific reports for various stakeholders such as database administrators (DBAs), developers, and InfoSec users.
Get recommendations and fix scripts for high-priority items
Organize items by priority and provide actionable recommendations for remediation based on input from leading security researchers.
Integrate directly with McAfee ePolicy Orchestrator (ePO)
Plug McAfee Vulnerability Manager for Databases directly into the ePO platform to get centralized reporting and summary information for thousands of databases from one consistent dashboard.
System Requirements
These are minimum system requirements only. Actual requirements will vary depending on the nature of your environment.
- McAfee ePolicy Orchestrator (ePO) 4.6
- Microsoft Windows Server 2003 with Service Pack 2 (SP2) or higher
- Microsoft SQL Server 2005 with SP1 or higher
- 2 GB RAM
- 1 GB free disk space
- Browser (for management console): Firefox 2.0 or later, or Microsoft Internet Explorer 7.0 or later
Supported Databases for Scanning
- Oracle 8i or later
- Microsoft SQL Server 2000 or later
- Microsoft SQL Azure
- IBM DB2 8.1 or later for Linux, Unix, and Windows
- MySQL version 4.0 or later
- PostgreSQL version 8.3 or later
- Sybase ASE version 12.5 or later
Videos / Demos
Hardening Databases
Learn how the McAfee Database Security Solution protects you from database breaches and falling victim to cybercrime. This solution includes McAfee Vulnerability Manager for Databases, McAfee Database Activity Monitoring, and McAfee ePolicy Orchestrator software.
Vulnerability Manager for Databases
McAfee Vulnerability Manager for Databases evaluates risk from all know threat vectors and clearly classifies threats into distinct priority levels, provides fix scripts, and includes recommendations.
Demos
News / Events
News
- McAfee Delivers Comprehensive Database Security Solution
March 23, 2011Topics : Risk & Compliance, Database Security
- McAfee to Acquire Sentrigo to Enhance Database Security Portfolio
March 23, 2011Topics : Risk & Compliance, Database Security
- Sentrigo Launches Comprehensive Enterprise-Class Vulnerability Assessment Solution for Databases
September 13, 2010Topics : Database Security
- McAfee Unveils Unparalleled Risk Management Solution
July 19, 2010Topics : Endpoint Protection, Risk & Compliance, Database Security
Events
No results foundOn Demand
- Securing the Next-Generation Data Center: Are You Rugged?
On Demand Webcast
Resources
McAfee Vulnerability Manager for Databases
For a technical summary on the McAfee product listed above, please view the product data sheet.
Reports
Solution Briefs
White Papers
Community
Forums
McAfee Communities : All Content - Vulnerability Manager (Foundstone)
- Vulnerability Group in the CSV
10 hours ago - 1 Post - Windows 2008 Web Server identified as Windows 7
11 hours ago - MVM Approved Microsoft Update List June 2013.docx
23 hours ago - GTI integration with MVM
1 day ago - 1 Post - MVM scan engine with multiple IP addresses (static routes)
4 days ago - 15 posts
Blogs
- NCCDC 2013 – Red Team Recap
Jim Walter - May 07, 2013
This past April (4/19 to 4/21) I had the great pleasure and experience of joining the Red Team at 9th NCCDC competition. It was actually my 2nd year on the Red Team and 4th year to attend in total (I judged in 2010 and 2011). McAfee is actually a perpetual Read more... - RDP+RCE=Bad News (MS12-020)
Jim Walter - March 14, 2012
See March 15 and 16 updates at the end of this blog. —————————————————- The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on Read more... - An Update on DNSChanger and Rogue DNS Servers
Jim Walter - March 06, 2012
In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. To this day many remain Read more... - McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
David Marcus - February 21, 2012
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more... - Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - September 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more...