- Chat with McAfee Ready to make a purchase or have questions before you buy? Chat with a McAfee expert. Available Monday to Friday.
- Find a Reseller
- Contact Me
- Get Security Notifications Now
- Call: 1-888-847-8766
Overview
McAfee Vulnerability Manager for Databases automatically discovers databases on your network, determines if the latest patches have been applied, and tests for common weaknesses such as weak passwords, default accounts, and other common threats. Vulnerability Manager for Databases conducts more than 3,000 vulnerability checks against leading database systems, including SQL Server, DB2, and MySQL.
Clear visibility into database vulnerabilities — By improving visibility into database vulnerabilities and providing expert recommendations for remediation, Vulnerability Manager for Databases reduces the likelihood of a damaging breach, and saves money through better preparation for audits and compliance with regulatory mandates.
Risk evaluation from all known threat vectors — Unlike other products that overwhelm you with a myriad of minor threats hiding the critical issues that must be addressed, Vulnerability Manager for Databases evaluates risk from all known threat vectors and clearly classifies threats into distinct priority levels, provides fix scripts, and includes recommendations.
Features & Benefits
Get unparalleled visibility into database security posture
Know exactly where risks are and how to minimize the likelihood of a breach by automatically discovering databases on the network, and conducting more than 3,000 checks for vulnerabilities.
Save time and money by reducing the need for external database security consultants
Get recommendations for remediation for the most high-priority vulnerabilities, in many cases augmented with fix scripts you can run to address any issues.
Gain access to more than 3,000 security verifications
Get comprehensive and up-to-date checks of the most popular database platforms reporting on meaningful criteria such as version/patch level, changed objects, modified privileges, and forensic traces from common hacker tools.
Discover databases and sensitive tables automatically
Find databases by scanning the network or by importing from existing tools, and identify tables containing restricted information based on preset patterns.
Check passwords quickly and efficiently
Use a variety of techniques to detect weak passwords and shared passwords, including hashed passwords (SHA-1, MD5, and DES), by downloading data for local analysis to avoid affecting database performance.
Get out-of-the-box regulatory compliance reports and custom reporting
View reports for PCI DSS and other regulations, as well as specific reports for various stakeholders such as database administrators (DBAs), developers, and InfoSec users.
Get recommendations and fix scripts for high-priority items
Organize items by priority and provide actionable recommendations for remediation based on input from leading security researchers.
Integrate directly with McAfee ePolicy Orchestrator (ePO)
Plug McAfee Vulnerability Manager for Databases directly into the ePO platform to get centralized reporting and summary information for thousands of databases from one consistent dashboard.
System Requirements
These are minimum system requirements only. Actual requirements will vary depending on the nature of your environment.
- McAfee ePolicy Orchestrator (ePO) 4.5
- Microsoft Windows Server 2003 with Service Pack 2 (SP2) or higher
- Microsoft SQL Server 2005 with SP1 or higher
- 2 GB RAM
- 1 GB free disk space
- Browser (for management console): Firefox 2.0 or later, or Microsoft Internet Explorer 7.0 or later
Supported Databases for Scanning
- Oracle 8i or later
- Microsoft SQL Server 2000 or later
- Microsoft SQL Azure
- IBM DB2 8.1 or later for Linux, Unix, and Windows
- MySQL version 4.0 or later
- PostgreSQL version 8.3 or later
- Sybase ASE version 12.5 or later
Demos / Videos
Hardening Database Security
Learn how the McAfee Database Security Solution protects you from database breaches and falling victim to cybercrime. This solution includes McAfee Vulnerability Manager for Databases, McAfee Database Activity Monitoring, and McAfee ePolicy Orchestrator software.
McAfee Risk & Compliance
Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.
Videos
News / Events
News
- McAfee Delivers Comprehensive Database Security Solution
March 23, 2011Topics : Risk & Compliance, Database Security
- McAfee to Acquire Sentrigo to Enhance Database Security Portfolio
March 23, 2011Topics : Risk & Compliance, Database Security
- Sentrigo Launches Comprehensive Enterprise-Class Vulnerability Assessment Solution for Databases
September 13, 2010Topics : Database Security
- McAfee Unveils Unparalleled Risk Management Solution
July 19, 2010Topics : Endpoint Protection, Risk & Compliance, Database Security
Events
No results foundResources
McAfee Vulnerability Manager for Databases
For a technical summary on the McAfee product listed above, please view the product data sheet.
Reports
Solution Briefs
White Papers
Community
Forums
McAfee Communities : All Content - Vulnerability Manager (Foundstone)
- 3100/2100 appliance Windows updates - query on KB73493
8 minutes ago - 1 Post - Does FS Scans need CLI access to Network assets in a company?
20 hours ago - MVM credential scans
1 day ago - 2 posts - MVM - Active Directory - Asset Owner
1 day ago - Foundstone and CCS Differences
3 days ago
Blogs
- McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
David Marcus - February 21, 2012
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more... - Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - September 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more... - Building an Arsenal of Best-in-Breed Database Security Solutions
Eric Schou - August 19, 2011
Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored on unpatched and vulnerable databases, enterprise organizations have found themselves reevaluating their security strategies. Following Read more... - Hackers vs. Hackers: The New Frontier Of Embedded Devices
Stuart McClure - June 27, 2011
If we look at the evolution of hacking, certain techniques never go out of style, but we’re at the beginning of a big shift in terms of the targets. The threat landscape has evolved beyond PCs, tablets, and smartphones to a whole new battleground: connected devices all around us. According to Ericsson, there will be Read more... - The Consumer Experience, The Data Center And 99.9% Uptime
Evelyn de Souza - May 23, 2011
While 99.9% network and server uptime has long been an established standard in data centers, the consumer experience so often fails to live up to that, and I as I was reminded of again this weekend. Unplanned network or server changes or vulnerabilities are often the cause of website outages. And, as the website Read more...