Manage Classification and Vulnerability Assessment

Assign datasources to an existing classification or vulnerability assessment process, or create new processes.

About this task

The Vulnerability Assessment menu is available only if you have a valid VA license.

Once you assign a classification process to a datasource, classification data is collected and handled the same as an on-premises database. You can assign classification when you are not the owner, but you must take ownership in order to enable object audit and view the results.

A green icon indicates the process is running. A yellow icon means there is no schedule defined for the process. A red icon in the Classification Process or VA column indicates no classification or VA assigned, or an error. View VA errors in Harden > Vulnerability Assessment > Assessment Builder > View Results. View classification errors in Discover > Classification > Discover Sensitive Data > Review Report ribbon > Process Log.

If you get a classification error file bdump-file-listing in BDUMP not found Unable to retrieve results for: 'RDSADMIN.TRACEFILE_ add RDSADMIN to the pre-defined schema group Excluded Classification schemas - Oracle in the Group Builder.

Procedure

  1. Assign one or more datasources to an existing Classification process.
    1. Select one or more datasources.
    2. Click Classification > Add to Classification.
    3. Select the Classification Process and click Save.
    4. Optionally click Edit/View to modify or run the classification process.
    5. If you want to enable object auditing automatically for the objects found by classification process, click Edit/View to open the classification process; in the Where to search ribbon, select the checkbox Enable object auditing for Cloud DBs.
    6. Alternatively, run the classification: click Run Now in the Run Discovery ribbon in the Discover > Classification > Discover Sensitive Data.
  2. Create a new Classification process, and assign one or more datasources to it.
    1. Select one or more datasources.
    2. Click Classification > Create Classification.
    3. Follow procedure in Discover Sensitive Data. Enable object auditing for Cloud DBs is selected by default. Leave it selected.
    4. Run the classification: after you define Where to Search, click Run Now, or after you save the process click Run Now in the Run Discovery ribbon.
  3. Assign one or more datasources to an existing Vulnerability Assessment.
    1. Select one or more datasources.
    2. Click Vulnerability Assessment > Add to Vulnerability Assessment.
    3. Select the Vulnerability Assessment process and click Save.
    4. Run the process: navigate to Harden > Vulnerability Assessment > Assessment Builder, select the process and click Run once now.
  4. Create a new Vulnerability Assessment, and assign one or more datasources to it.
    1. Select one or more datasources.
    2. Click Vulnerability Assessment > Create Vulnerability Assessment.
    3. Enter a description of the vulnerability assessment; enter one or more email addresses, separated by commas, to receive the results as part of an audit process that you define.
    4. Click Save.
      The VA process is created with all tests, the selected datasources, and the receivers you defined.
    5. Run the process: navigate to Harden > Vulnerability Assessment > Assessment Builder, select the process and click Run once now.