Database Security Assessment Tool
The Oracle Database Security Assessment Tool (DBSAT) analyzes database configurations, users, their entitlements, security policies and identifies where sensitive data resides to uncover security risks and improve the security posture of Oracle Databases within your organization.
You can use DBSAT report findings to:
- Fix immediate short-term risks
- Implement a comprehensive security strategy
- Support your regulatory compliance program
- Promote security best practices
Download
Oracle Database Security Assessment Tool (DBSAT) (Doc ID 2138254.1)
Installation and test
[orauat@ebsuat dbsat]$ unzip dbsat.zip
Check python installed or not
[orauat@ebsuat dbsat]$ python -V
Python 2.7.6
you should install latest version 2.6 or later
Collect :
[orauat@ebsuat dbsat]$ ./dbsat collect system@EBSUAT EBSUAT_OUTPUT
Database Security Assessment Tool version 2.0.2 (May 2018)
This tool is intended to assist in you in securing your Oracle database
system. You are solely responsible for your system and the effect and
results of the execution of this tool (including, without limitation,
any damage or data loss). Further, the output generated by this tool may
include potentially sensitive system configuration data and information
that could be used by a skilled attacker to penetrate your system. You
are solely responsible for ensuring that the output of this tool,
including any generated reports, is handled in accordance with your
company’s policies.
Connecting to the target Oracle database…
SQL*Plus: Release 11.2.0.2.0 Production on Sun Oct 7 14:39:12 2018
Copyright (c) 1982, 2010, Oracle. All rights reserved.
Enter password:
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 – 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
Setup complete.
SQL queries complete.
OPatch cannot find a valid oraInst.loc file to locate Central Inventory.
Warning: Exit status 26624 from OS rule: opatch_inventory
OS commands complete.
Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 – 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
DBSAT Collector completed successfully.
Calling /u01/EBSUAT/db/tech_st/11.2.0/bin/zip to encrypt EBSUAT_OUTPUT.json…
Enter password:
Verify password:
adding: EBSUAT_OUTPUT.json (deflated 90%)
zip completed successfully.
Report
[orauat@ebsuat dbsat]$ ./dbsat report EBSUAT_OUTPUT
Database Security Assessment Tool version 2.0.2 (May 2018)
This tool is intended to assist in you in securing your Oracle database
system. You are solely responsible for your system and the effect and
results of the execution of this tool (including, without limitation,
any damage or data loss). Further, the output generated by this tool may
include potentially sensitive system configuration data and information
that could be used by a skilled attacker to penetrate your system. You
are solely responsible for ensuring that the output of this tool,
including any generated reports, is handled in accordance with your
company’s policies.
Archive: EBSUAT_OUTPUT.zip
[EBSUAT_OUTPUT.zip] EBSUAT_OUTPUT.json password:
inflating: EBSUAT_OUTPUT.json
Traceback (most recent call last):
File “/u01/EBSUAT/dbsat/./sat_reporter.py”, line 6372, in <module>
fn()
File “/u01/EBSUAT/dbsat/./sat_reporter.py”, line 444, in user_section
user_login(profile_dict, acct_profiles)
File “/u01/EBSUAT/dbsat/./sat_reporter.py”, line 1036, in user_login
profile_unset(profiles, users, ‘PASSWORD_LOCK_TIME’, (‘day’, ‘days’))
File “/u01/EBSUAT/dbsat/./sat_reporter.py”, line 1157, in profile_unset
value = sing_plural(int(value), units[0], units[1])
ValueError: invalid literal for int() with base 10: ‘.0416’
Traceback (most recent call last):
File “/u01/EBSUAT/dbsat/./sat_reporter.py”, line 6378, in <module>
sat.end_report()
File “/u01/EBSUAT/dbsat/sat_analysis.py”, line 625, in end_report
xls_book.close()
File “/u01/EBSUAT/dbsat/xlsxwriter/workbook.py”, line 310, in close
self._store_workbook()
File “/u01/EBSUAT/dbsat/xlsxwriter/workbook.py”, line 624, in _store_workbook
allowZip64=self.allow_zip64)
File “/usr/local/lib/python2.7/zipfile.py”, line 732, in __init__
“Compression requires the (missing) zlib module”
RuntimeError: Compression requires the (missing) zlib module
Error: Unexpected error occurred while running DBSAT Reporter.
(The above error occurred when i try to take the report of which i collected json file, But i am not sure why the above error occurred, But the report output created. I need to check this error with oracle support).
Refer :
https://docs.oracle.com/cd/E93129_01/
DBA 
Hi Mohamed,
I’m writing to let you know that we just released DBSAT 2.2.2.
The main effort in this release was to make DBSAT able to differentiate an Oracle Database running on-premises,
from an autonomous database (shared or dedicated) or DBCS, and if makes sense do specific checks and recommendations.
You can read more about it in the release notes:
https://docs.oracle.com/en/database/oracle/oracle-database/21/satrn/#SATRN-GUID-41633A90-EEF1-419A-BA05-32D4C19FFE0F