// DATABASE PENETRATION TESTING
We treat the database layer as your most sensitive asset.
Audit of all components — database privileges, OS-level rights, account management, security parameters, data security and logging.
// WHY KRITERA
Database expertise is not a commodity
Database pentests are a discipline distinct from network pentests. Real-world experience across Oracle, MSSQL, MySQL, PostgreSQL, MongoDB.
01
All Major DBs
Oracle, MS SQL Server, MySQL/MariaDB, PostgreSQL, MongoDB, Redis. Each with its own security controls and typical flaws.
02
Privilege Management Depth
PUBLIC role, sa/system accounts, privilege escalation paths, default passwords, default databases — all manually inspected.
03
Logging & Audit Trail
Not just vulnerabilities, but your capacity to produce evidence. We verify that your audit log is correctly configured and captures sensitive operations.
// SCOPE
Database pentest layers
LAYER 1
Authentication
Default/weak passwords, account lockout policy, MFA support, external identity (LDAP/AD) integration, login logging.
LAYER 2
Authorization
Role-based access control audit, unnecessary grants on PUBLIC role, privilege escalation paths, row/column-level security (RLS/CLS).
LAYER 3
Data Protection
TDE (Transparent Data Encryption), column-level encryption, masking of sensitive columns, backup file encryption, transport encryption (TLS).
LAYER 4
Logging & Audit
Audit log configuration, DDL/DML logs, failed logins, SYSADMIN activity, log protection (write-once-read-many), SIEM integration.
LAYER 5
DB Operating System
OS-level rights of the DB service account, file system permissions, network exposures (linked servers, dblinks), backup/restore processes.
// PITFALLS
Most common database-layer vulnerabilities
Recurring DB flaws seen in banking, public and telecom sectors over the past 3 years:
Installations left at defaults
MS SQL with the built-in sa account enabled and a blank password, or Oracle with SYS still on CHANGE_ON_INSTALL. Solution: hardening checklist + automated audit.
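The checks a tester runs for the default-account pitfall, as an added example that is not the page's or Kritera's own code. It assumes DBA-level access on each engine; the new name for sa, the SCOTT demo schema and the MySQL 5.7+/MariaDB column names are assumptions noted in the comments.

```sql
-- Added example: detecting and fixing default accounts. Assumes DBA privileges.

-- === Microsoft SQL Server ===
-- The built-in sa login keeps SID 0x01 even after a rename. PWDCOMPARE() tests a
-- clear-text candidate against the stored hash (needs CONTROL SERVER), so this
-- finds SQL logins whose password is empty, 'sa', or equal to the login name.
SELECT name,
       is_disabled,
       CASE WHEN sid = 0x01 THEN 'built-in sa' ELSE '' END AS note
FROM   sys.sql_logins
WHERE  PWDCOMPARE('', password_hash)   = 1
   OR  PWDCOMPARE('sa', password_hash) = 1
   OR  PWDCOMPARE(name, password_hash) = 1;

-- Remediation: do not rely on a strong password alone; disable and rename the
-- login so that the name every scanner tries no longer exists.
ALTER LOGIN sa DISABLE;
ALTER LOGIN sa WITH NAME = [sa_retired];          -- assumed new name

-- === Oracle (11g and later) ===
-- DBA_USERS_WITH_DEFPWD lists accounts still on their installation password
-- (SYS/CHANGE_ON_INSTALL, SYSTEM/MANAGER, DBSNMP/DBSNMP, ...).
SELECT d.username, u.account_status, u.profile
FROM   dba_users_with_defpwd d
JOIN   dba_users u ON u.username = d.username
ORDER  BY d.username;

-- Remediation: expire the password and lock every account with no owner;
-- the demo schema SCOTT is used here as the example.
ALTER USER scott PASSWORD EXPIRE ACCOUNT LOCK;

-- === MySQL / MariaDB ===
-- Accounts with an empty credential or the anonymous user ('') left by older
-- installers. Rows using auth_socket / unix_socket are legitimately empty here
-- (they authenticate by OS user), so the plugin column is shown for triage.
SELECT user, host, plugin
FROM   mysql.user
WHERE  authentication_string = '' OR user = '';
DROP USER IF EXISTS ''@'localhost';
```

The SQL Server and Oracle queries test the hash the server already stores, so they make no login attempts and do not trip lockout; run them from the DBA session, not from the network.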
Excessive PUBLIC grants
Sensitive tables or procedures reachable by every user through the PUBLIC role. Solution: enumerate every PUBLIC grant, revoke what no application needs (in Oracle revoke selectively, since the database itself relies on some PUBLIC grants on SYS packages) and grant the rest to named roles under least privilege.
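How to enumerate and trim PUBLIC grants on PostgreSQL and Oracle, as an added example that is not the page's or Kritera's own code. The database appdb, the roles app_reader and app_batch, and the Oracle 12c+ ORACLE_MAINTAINED column are assumptions.

```sql
-- Added example: find PUBLIC grants, then revoke and re-grant to named roles.

-- === PostgreSQL ===
-- Relations whose ACL grants something to PUBLIC. aclexplode() expands the ACL
-- array and reports grantee OID 0 for PUBLIC; acldefault() supplies the implicit
-- ACL when none is stored, so objects still on default privileges are covered
-- too (that matters for functions: EXECUTE goes to PUBLIC by default).
SELECT n.nspname AS schema_name, c.relname AS object_name, c.relkind, a.privilege_type
FROM   pg_class c
JOIN   pg_namespace n ON n.oid = c.relnamespace
CROSS  JOIN LATERAL aclexplode(COALESCE(c.relacl, acldefault('r', c.relowner))) AS a
WHERE  a.grantee = 0
  AND  c.relkind IN ('r', 'v', 'm', 'S', 'p')
  AND  n.nspname NOT IN ('pg_catalog', 'information_schema')
ORDER  BY 1, 2, 4;

SELECT n.nspname AS schema_name, p.proname AS function_name, a.privilege_type
FROM   pg_proc p
JOIN   pg_namespace n ON n.oid = p.pronamespace
CROSS  JOIN LATERAL aclexplode(COALESCE(p.proacl, acldefault('f', p.proowner))) AS a
WHERE  a.grantee = 0
  AND  n.nspname NOT IN ('pg_catalog', 'information_schema')
ORDER  BY 1, 2;

-- Remediation (appdb and app_reader are assumed names): strip PUBLIC, then grant
-- exactly what the application role needs. ALTER DEFAULT PRIVILEGES keeps future
-- functions created by this role from reopening the hole.
REVOKE ALL ON DATABASE appdb FROM PUBLIC;                     -- CONNECT, TEMP
REVOKE ALL ON SCHEMA public FROM PUBLIC;                      -- CREATE, USAGE
REVOKE ALL ON ALL TABLES IN SCHEMA public FROM PUBLIC;
REVOKE EXECUTE ON ALL FUNCTIONS IN SCHEMA public FROM PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA public REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
GRANT CONNECT ON DATABASE appdb TO app_reader;
GRANT USAGE ON SCHEMA public TO app_reader;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO app_reader;

-- === Oracle ===
-- Object grants to PUBLIC on application schemas (ORACLE_MAINTAINED exists from
-- 12c). Do not revoke everything: the database relies on some PUBLIC grants on
-- SYS packages. Review application objects first, then the SYS packages that
-- reach the file system and the network.
SELECT owner, table_name, privilege
FROM   dba_tab_privs
WHERE  grantee = 'PUBLIC'
  AND  owner NOT IN (SELECT username FROM dba_users WHERE oracle_maintained = 'Y')
ORDER  BY owner, table_name;

SELECT table_name, privilege
FROM   dba_tab_privs
WHERE  grantee = 'PUBLIC' AND owner = 'SYS'
  AND  table_name IN ('UTL_FILE', 'UTL_HTTP', 'UTL_TCP', 'UTL_SMTP',
                      'UTL_INADDR', 'DBMS_JAVA', 'DBMS_SCHEDULER');

REVOKE EXECUTE ON sys.utl_file FROM PUBLIC;
REVOKE EXECUTE ON sys.utl_http FROM PUBLIC;
REVOKE EXECUTE ON sys.utl_tcp  FROM PUBLIC;
REVOKE EXECUTE ON sys.utl_smtp FROM PUBLIC;
GRANT  EXECUTE ON sys.utl_file TO app_batch;                  -- assumed role
```

Run the enumeration queries before and after the revokes: the "after" result is the evidence that goes into the report, and the diff is the list of grants to hand back to specific roles.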
Linked servers / dblinks
A bridge from one DB into other databases and servers; when the link runs as a privileged fixed login, one compromised DB takes down the whole environment. Solution: linked server use limited to named logins, and monitored.
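Inventory, impact check and remediation for linked servers and dblinks, as an added example that is not the page's or Kritera's own code. The link names REPORTING_SRV and legacy_hr, the logins etl_service, reporting_ro and hr_ro, and the password placeholders are assumptions.

```sql
-- Added example: who can ride a linked server, and as whom.

-- === Microsoft SQL Server ===
-- Inventory: every link, where it points, and how local logins are mapped.
-- local_principal_id = 0 is the default mapping that applies to every login;
-- uses_self_credential = 0 with a remote_name means a stored fixed credential
-- that all of those logins share on the remote side.
SELECT s.name,
       s.data_source,
       s.provider,
       s.is_rpc_out_enabled,
       s.is_data_access_enabled,
       CASE WHEN ll.local_principal_id = 0 THEN '<all logins>'
            ELSE SUSER_NAME(ll.local_principal_id) END AS local_login,
       ll.uses_self_credential,
       ll.remote_name
FROM   sys.servers s
LEFT   JOIN sys.linked_logins ll ON ll.server_id = s.server_id
WHERE  s.is_linked = 1;

-- Impact: what does the remote side think we are? Needs 'rpc out'. If this
-- returns is_sysadmin = 1 for a link that low-privileged users can reach, one
-- compromised database is a foothold on the next server.
EXEC ('SELECT SUSER_SNAME() AS remote_login,
              IS_SRVROLEMEMBER(''sysadmin'') AS is_sysadmin') AT [REPORTING_SRV];

-- Remediation: drop the catch-all mapping, map only the logins that need the
-- link to a low-privileged remote account, and disable rpc out unless remote
-- procedure calls are actually required.
EXEC sp_droplinkedsrvlogin @rmtsrvname = N'REPORTING_SRV', @locallogin = NULL;
EXEC sp_addlinkedsrvlogin  @rmtsrvname  = N'REPORTING_SRV',
                           @useself     = N'FALSE',
                           @locallogin  = N'etl_service',
                           @rmtuser     = N'reporting_ro',
                           @rmtpassword = N'<placeholder, set from vault>';
EXEC sp_serveroption N'REPORTING_SRV', N'rpc out', N'FALSE';

-- === Oracle ===
-- Database links. owner = 'PUBLIC' means every session can use the link; a
-- non-null username means a fixed-user link with a stored password.
SELECT owner, db_link, username, host, created
FROM   dba_db_links
ORDER  BY owner, db_link;

-- Remediation: replace public fixed-user links with private links owned by the
-- schema that needs them, pointing at a read-only remote account.
DROP PUBLIC DATABASE LINK legacy_hr;                            -- assumed link
CREATE DATABASE LINK legacy_hr
    CONNECT TO hr_ro IDENTIFIED BY "Placeholder_From_Vault1"    -- placeholder
    USING 'HRDB';
```

The impact query is the one worth repeating after the fix: it should now fail for unmapped logins and return a non-sysadmin remote login for the mapped ones.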
Audit log disabled
Even DBA actions leave no trace. Solution: all activity, including SYSADMIN actions and changes to the audit itself, logged and shipped to an external SIEM.
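A minimum audit configuration that captures what sysadmins do, plus the query a tester runs to verify it, as an added example that is not the page's or Kritera's own code. The audit names, the file path E:\audit\, the database appdb and the table dbo.card_numbers are assumptions.

```sql
-- Added example: audit that covers sysadmin activity and its own tampering.

-- === Microsoft SQL Server ===
-- A server audit writing to a directory only the service account can write to;
-- the SIEM agent collects the files from there. ON_FAILURE = SHUTDOWN fails
-- closed: if the audit cannot write, the instance stops rather than running blind.
USE master;
CREATE SERVER AUDIT db_security_audit
    TO FILE (FILEPATH = N'E:\audit\', MAXSIZE = 256 MB, MAX_ROLLOVER_FILES = 64)
    WITH (QUEUE_DELAY = 1000, ON_FAILURE = SHUTDOWN);

-- Server-level groups: logins, role/principal/permission changes, DDL, and
-- AUDIT_CHANGE_GROUP so that switching the audit off is itself recorded.
CREATE SERVER AUDIT SPECIFICATION db_security_server_spec
    FOR SERVER AUDIT db_security_audit
    ADD (SUCCESSFUL_LOGIN_GROUP),
    ADD (FAILED_LOGIN_GROUP),
    ADD (SERVER_ROLE_MEMBER_CHANGE_GROUP),
    ADD (SERVER_PRINCIPAL_CHANGE_GROUP),
    ADD (SERVER_PERMISSION_CHANGE_GROUP),
    ADD (AUDIT_CHANGE_GROUP),
    ADD (DATABASE_OBJECT_CHANGE_GROUP),
    ADD (DATABASE_PRINCIPAL_CHANGE_GROUP),
    ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP),
    ADD (SCHEMA_OBJECT_CHANGE_GROUP)
    WITH (STATE = ON);
ALTER SERVER AUDIT db_security_audit WITH (STATE = ON);

-- DML on a sensitive table for every principal, dbo and sysadmins included.
USE appdb;                                            -- assumed database
CREATE DATABASE AUDIT SPECIFICATION cards_dml_spec
    FOR SERVER AUDIT db_security_audit
    ADD (SELECT, INSERT, UPDATE, DELETE ON OBJECT::dbo.card_numbers BY public)
    WITH (STATE = ON);

-- Verification (what the tester runs): each audit, whether it is enabled, what
-- happens on failure, and where it writes.
SELECT a.name, a.is_state_enabled, a.on_failure_desc, f.log_file_path,
       s.name AS specification, s.is_state_enabled AS spec_enabled
FROM   sys.server_audits a
LEFT   JOIN sys.server_file_audits f ON f.audit_id = a.audit_id
LEFT   JOIN sys.server_audit_specifications s ON s.audit_guid = a.audit_guid;

-- === PostgreSQL ===
-- Baseline logging through ALTER SYSTEM (applied on reload). Per-object DML
-- auditing needs the pgaudit extension; this is the minimum without it.
ALTER SYSTEM SET log_connections = on;
ALTER SYSTEM SET log_disconnections = on;
ALTER SYSTEM SET log_statement = 'ddl';                   -- 'all' if volume allows
ALTER SYSTEM SET log_line_prefix = '%m [%p] %u@%d %r ';   -- time, pid, user, db, client
SELECT pg_reload_conf();
SELECT name, setting
FROM   pg_settings
WHERE  name IN ('log_connections', 'log_disconnections', 'log_statement', 'log_line_prefix');
```

A file target on the database host is only half of the "write-once" requirement: the SIEM agent has to ship the files before a local sysadmin can delete them, so the shipping lag is part of what the test measures.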
Backups unencrypted
If a backup file is stolen, all data is exposed. Solution: backup encryption (TDE or application-level) + restricted access to backup files and to the keys that protect them.
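How to find unencrypted backups in the backup history and take an encrypted one, on SQL Server, as an added example that is not the page's or Kritera's own code. The database appdb, the paths under E:\ and the passphrase placeholders are assumptions.

```sql
-- Added example: unencrypted-backup check and certificate-protected backup.

-- Tester's check: backups of the last 90 days with no encryption recorded.
-- key_algorithm / encryptor_type are populated only for encrypted backups
-- (SQL Server 2014 and later), so NULL here means the file is plain.
SELECT bs.database_name, bs.backup_finish_date, bs.type,
       bmf.physical_device_name, bs.key_algorithm, bs.encryptor_type
FROM   msdb.dbo.backupset bs
JOIN   msdb.dbo.backupmediafamily bmf ON bmf.media_set_id = bs.media_set_id
WHERE  bs.backup_finish_date > DATEADD(day, -90, GETDATE())
  AND  bs.key_algorithm IS NULL
ORDER  BY bs.backup_finish_date DESC;

-- Remediation: a certificate-protected backup. Export the certificate and its
-- private key off the box first; without them the backup cannot be restored
-- anywhere, which is the point, and also the outage if the key is lost.
USE master;
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<placeholder passphrase, from vault>';
CREATE CERTIFICATE backup_cert WITH SUBJECT = 'Backup encryption';
BACKUP CERTIFICATE backup_cert TO FILE = 'E:\keys\backup_cert.cer'
    WITH PRIVATE KEY (FILE = 'E:\keys\backup_cert.pvk',
                      ENCRYPTION BY PASSWORD = '<second placeholder, from vault>');

BACKUP DATABASE appdb TO DISK = 'E:\backup\appdb.bak'         -- assumed names
    WITH ENCRYPTION (ALGORITHM = AES_256, SERVER CERTIFICATE = backup_cert),
         COMPRESSION, CHECKSUM;

-- Re-run the check: the new row must show AES_256 and CERTIFICATE.
SELECT TOP (1) database_name, key_algorithm, encryptor_type
FROM   msdb.dbo.backupset
WHERE  database_name = 'appdb'
ORDER  BY backup_finish_date DESC;
```

Encrypting the file does not by itself restrict who can read it; the NTFS permissions on E:\backup\ and on the exported key files are the second half of the finding.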
// CONTACT
Scoping call for your DB inventory
Which databases, what access level (DBA/app), test window, report format — in a free introductory call.