DADMS approves Automated SQL Security Evaluation Tool (ASSET)

Database administrators working in government facilities responsible for SQL servers can all breathe a sigh of relief. Why? Because now they finally have an automated tool to help them with one of the more difficult and time-consuming parts of the job – SQL STIGs. 

With the increased requirements to harden IT infrastructures throughout the military and government agencies, many agencies now face for the first time the dilemma SQL STIGs present. Fortunately, DBAs finally have a reliable and comprehensive automated SQL STIG tool in ASSET that DADMS has approved for use. 

What Is ASSET? 

Developed by Borelli Security Software, Inc., ASSET (Automated SQL Security Evaluation Tool) was designed as a tool for DBAs to save time and increase reliability when implementing DISA’s SQL Server 2014 and 2016 Security Technical Implementation Guidelines (STIGs) on a Department of Defense SQL Server. 

Borelli Security Software, Inc.’s team of cyber security experts focused on ease of use, efficiency, accuracy, and security. As a result, ASSET delivers a simple and intuitive interface that saves time. Lots of time. And it’s accurate, comprehensive, and did we say fast? 

ASSET is a vulnerability scanning tool for SQL Server. While not the only tool available, the few others out there don’t have near the capability of ASSET. You see, ASSET performs nearly ALL vulnerability checks for DISA’s SQL Server STIG checklists. 

Using ASSET to compile and evaluate data from the Operating and File systems, SQL server, Active Directory, DNS, Security Policy, Windows Management Instrumentation Panel, Access Control Lists, and Registry and Certificate Hives is simple. In minutes, ASSET collects and evaluates the data. Then, ASSET produces its results and findings directly into the DISA STIG checklist in XCCDF (Extensible Configuration Checklist Description Format).

As a result, ASSET insures a uniform, accurate implementation of DISA’s STIG guidelines. It also saves time and time is money. 

How Much Time Does ASSET Save? 

Any DBA familiar with the process will tell you that manually running a SQL STIG takes time. A lot of time. New DBAs might take weeks to manually STIG a SQL server. More experienced DBAs will accomplish the task in several days. DBA experts who cobble together their own set of scripts to help reduce the time it takes to STIG a SQL Server down to a few days. 

ASSET performs the scan and produces its results in minutes. You still have some manual processing to do after ASSET completes its work, but you can finish most STIGs in just a few hours, not days. If you’ve been through a manual STIG before, you dread the process, but you don’t have to anymore if you have the automated STIG tool ASSET at your disposal. 

How Much Does ASSET Cost? 

You have several licensing options for the automated STIG tool ASSET. The basic Single Seat, Single CAL license retails at $29.95 for a one-month subscription. This subscription allows you to run ASSET on a single computer to scan a single SQL Server. A small operation that doesn’t STIG often can take advantage of ASSET’s capabilities without a huge investment. 

Borelli Security Software, Inc. offers a 12-month subscription in a Single Seat, Single CAL license for those smaller environments that STIG more often. Licensing for 12a months will cost you $259.95 and while you don’t get any added seats versus the one-month subscription, you do save about $100 for the year against the monthly subscription. 

Large operations with multiple SQL servers on a single domain can take advantage of ASSET’s One-Year Per Active Directory Domain license. With this license, you can run ASSET on every SQL Server within the domain. The cost is $1,299.95 for the one-year license, so if you have five or more servers on your domain you’d benefit from this license. 

Borelli Security Software, Inc. even offers a Free Trial Subscription.  You should be aware that the free trial version only returns 10% of the results.  The intent is to illustrate the ease of use.  

You don’t have to commit beyond the original length of license you purchase. Licenses won’t automatically renew so you don’t have to worry about cancelling your subscription if the need for STIGs goes away for any reason. 

Order Your Automated SQL Security Evaluation Tool Today 

Whether you’re new to performing STIGs or simply want a better solution, Borelli Security Software, Inc. can help reduce your frustration and save you time. We invite you to browse our Automated SQL Security Evaluation Tool ASSET subscriptions online. Ordering is simple and we’re confident you’ll love the results. If you prefer a demonstration, please feel free to contact us. One of our cyber security professionals will show you how easy ASSET is and answer all of your questions.