The Oracle Database Security Assessment Tool (DBSAT) analyzes database configurations and it tells us uncovers security risks and improves the security posture of Oracle Databases.

Its very easy to use that tool. We can use DBSAT to implement and enforce security practices in our Oracle databases. DBSAT generate reports which We can easly find what happen in our databases, such as:

– state of user accounts,
– role and privilege grants,

We can use that report to fix immediate short-term security risks and build&develop security strategy for our databases.

DBSAT is provided at no additional cost(this is the most important part) and it give us chance to can to quickly find:

– Security configuration issues, and how to remediate them
– Users and their entitlements
– Location, type, and quantity of sensitive data

DBSAT analyzes information on the database and listener configuration to identify configuration settings that may unnecessarily introduce risk.

For more information and how to download DBSAT  please click here
DBSAT Documentation can be found here

Please do not forget DBSAT supports Oracle Database 10.2.0.5 and later.
For more information please check Oracle Database Security Assessment Tool (DBSAT) (Doc ID 2138254.1)

Similar report result looks like below. Those screenshots are taken from this link

The figure below summarizes the security status of a sample database and categorizes its findings by risk levels.

The Finding below show which users have the powerful DBA role, and how that role was obtained (directly granted, granted via another role).

DBSAT also scans the database metadata for sensitive data using customizable regular expression patterns, and reports on the amount and type of sensitive data found.