LevelBlue

LevelBlue + SentinelOne Partner to Deliver AI-Powered Managed Security Operations and Incident Response. Learn More

Submit RFP Request a Demo

Database Security Knowledgebase Update 6.39

Trustwave Database Security Knowledgebase (ShatterKB) 6.39 is now available. It introduces new checks for Redis, Cassandra and Microsoft Azure SQL Database.

 

New Checks - Cassandra

  • Latest patch not applied
    • Description: Verify that the latest patches are applied to the database.
    • Risk: High

 

New Checks - Microsoft Azure SQL Database

  • Audit records for successful attempts to execute privileged activities
    • Description: Check if audit records are generated for successful attempts to execute privileged activities or other system-level access.
    • Risk: Medium
  • Discretionary access control over defined objects
    • Description: Verify that permissions on database objects are configured correctly.
    • Risk: Medium
  • Audit records for changes to the configuration of Azure SQL Database
    • Description: Check if audit records are generated when enforcement of access restrictions associated with changes to the configuration of Azure SQL Database(s).
    • Risk: Medium
  • Audit records for unsuccessful attempts to execute privileged activities
    • Description: Check if audit records are generated for unsuccessful attempts to execute privileged activities or other system-level access.
    • Risk: Medium

New Checks - Redis

  • Verify non-admin users with admin level privileges
    • Description: Verify which users have admin level privileges ('default' account is excluded).
    • Risk: Medium

 

New Policies

  • DISA-STIG Redis EDB 6.x V1R2 - Audit (Built-In)
    This policy has been created with the guidelines mapped out in the DOD Security Technical Implementation Guide(s) "Redis Enterprise 6.x Security Technical Implementation Guide V1R2"
  • DISA-STIG SQL Server 2016 Y23M04 Audit (Built-In)
    This policy has been created with the guidelines mapped out in the DOD Security Technical Implementation Guides "SQL Server 2016 Database STIG - V2R6" and "SQL Server 2016 Instance STIG - V2R9"
  • DISA-STIG Oracle 12c V2R7 - Audit (Built-In)
    This policy has been created with the guidelines mapped out in the DOD Security Technical Implementation Guide(s) "Oracle 12c Checklist Security Technical Implementation Guide V2R7"

 

Availability

  • Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost.
  • Download SHATTER Knowledgebase from the Trustwave Support Portal. (https://www.trustwave.com/Company/Support/ and select AppDetectivePRO or DbProtect)
  • AppDetectivePRO customers can use the Updater within the product as well

Latest Software Updates

CVT Deployment 1.111.0-1

Database Security Knowledgebase Update KB 6.54

DbProtect 6.6.13 Now Available

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.
© Copyright 2026