SQL Server Vulnerability Scanning Done Right
Looking for a reliable SQL Server vulnerability scanning tool to help evaluate your SQL server's security posture against DISA's Security Technical Implementation Guidelines (STIGs)?
ASSET automates DISA's manual SQL 2014 & 2016 STIG checks against SQL servers and produces instance and database checklists in the required .xccdf 1.1 xml format, saving you hours—if not days—of tedious and error-prone manual labor. When you use ASSET to execute your SQL STIG checks, it will:
- Quickly and reliably perform nearly ALL of the DISA mandated SQL STIG vulnerability checks
- Automatically evaluate scan results, assigning the appropriate status (Not a Finding, Open, Not Applicable) where possible, and...
- Provide the information necessary to support that status, or facilitate any further review
- Include customizable Finding Details language based on scan results
- Output directly to a DISA SQL 2014 or 2016 STIG checklist. (No more copying and pasting the results from your own ad-hoc scripts into the checklists!)
- Produce the both Instance and/or Database checklists
- Target multiple databases on a single SQL server at once and automatically produce individual checklists for each one
- Supports Windows and SQL Authentication
- Unattended execution features for seamless integration with other scanning tools
- Open-Source version available (with signed contract) if local command requires it
- Windows 64-bit Operating System with:
- .NET 4.5 or higher
- PowerShell 5 or higher
- Execution policy remotesigned
This is a one year subscription download - Per AD Domain license*. Expires 11/1/2022.
*Initial download will be a 30-day, unlimited license, un-tethered to any domain. You must contact us at CustomerService@BorelliSecuritySoftware.com and provide domain information for the full 12-month AD Domain licensed version.