SQL Query Example: Sites with Credentials Issues

Document created by synapsr on Feb 6, 2015
Version 1Show Document
  • View in full screen mode

Security and even regular news are now filled with breaches most of which are happening through credentials.  This query is one of the ways to get an idea what assets have poorly managed credentials such as default accounts as in this example.

 

 

SELECT ds.name AS site, da.ip_address, da.host_name, dv.title AS vulnerability_title, dos.description AS operating_system, dos.cpe

FROM fact_asset_vulnerability_finding favf

JOIN dim_asset da USING (asset_id)

JOIN dim_operating_system dos USING (operating_system_id)

JOIN dim_vulnerability dv USING (vulnerability_id)

JOIN dim_vulnerability_category dvc USING (vulnerability_id)

JOIN dim_site_asset dsa USING (asset_id)

JOIN dim_site ds USING (site_id)

WHERE (dvc.category_name LIKE '%Default Account%')

ORDER BY ds.name ASC, dv.title ASC

2 people found this helpful

Attachments

    Outcomes