public inbox for [email protected]
help / color / mirror / Atom feedFrom: HexaCluster via PostgreSQL Announce <[email protected]>
To: PostgreSQL Announce <[email protected]>
Subject: pgdsat v1.1 released
Date: Mon, 22 Apr 2024 18:02:23 +0000
Message-ID: <[email protected]> (raw)
Hanoi, Vietnam - April 19th, 2024
## pgdsat - PostgreSQL Database Security Assessment Tool
pgdsat is a security assessment tool that checks around 80 PostgreSQL security
controls of your PostgreSQL clusters including all recommendations from the
CIS compliance benchmark but not only.
This PostgreSQL Security Assessment Tool allow assessments to be carried out
in an automated manner to verify the security policies established inside the
company. It also gives understanding of the security issued that your cluster
can be faced.
It consists in a single command that must be run on the PostgreSQL server to
collect all necessaries system and PostgreSQL information to compute a security
assessment report. A report consist in a summary of all tests status and a second
part with all detailed information. See a [sample report](https://www.darold.net/sample_pgdsat/report.html).
This release adds new checks and fixes issues reported by users since the first
release published for the event of FOSSASIA 2024 in Hanoi. New features:
* Add cluster version mismatch check if `--cluster` is used.
* Add a check to ensure a data anonymization extension is installed (pg_anonymize or anon).
* Add check to ensure tablespace location is not inside the PGDATA.
* Add statistics about checksum failures if any.
* Double check the Unix socket permission on disk.
* Add check to ensure that the public schema is protected in all database.
For the complete list of changes, please checkout the release note
on [https://github.com/hexacluster/pgdsat/blob/master/ChangeLog](https://github.com/hexacluster/pgdsat/blob/master/ChangeLog)
## Links & Credits
pgdsat is an open project. Any contribution to build a better
tool is welcome. You just have to send your ideas, features requests
or patches using the GitHub tools.
Thank to the developers who submitted patches and users who reported
bugs and feature requests, they are all cited in the ChangeLog file.
Links:
* Sample report: [http://www.darold.net/sample_pgdsat/report.html](http://www.darold.net/sample_pgdsat/report.html)
* Download: [https://github.com/hexacluster/pgdsat/releases](https://github.com/hexacluster/pgdsat/releases)
* Development: [https://github.com/hexacluster/pgdsat](https://github.com/hexacluster/pgdsat)
* Changelog: [https://github.com/hexacluster/pgdsat/blob/master/ChangeLog]([https://github.com/hexacluster/pgdsat/blob/master/ChangeLog)
-----------------
**About pgdsat**
The objective of pgdsat is to have an Open Source and free tool to help PostgreSQL
users to enforce the security of their PostgreSQL clusters. Not all checks might
correspond to your security policies but pgdsat aims to be a reference on which
you can rely to check the compliance of security points with your policy.
Tool created at HexaCluster Corp and maintained by Gilles Darold.
pgdsat works on Linux platform and is available under the GPLv3 licence.
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: pgdsat v1.1 released
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox