Hanoi, Vietnam - April 19th, 2024
pgdsat is a security assessment tool that checks around 80 PostgreSQL security controls of your PostgreSQL clusters including all recommendations from the CIS compliance benchmark but not only.
This PostgreSQL Security Assessment Tool allow assessments to be carried out in an automated manner to verify the security policies established inside the company. It also gives understanding of the security issued that your cluster can be faced.
It consists in a single command that must be run on the PostgreSQL server to collect all necessaries system and PostgreSQL information to compute a security assessment report. A report consist in a summary of all tests status and a second part with all detailed information. See a sample report.
This release adds new checks and fixes issues reported by users since the first release published for the event of FOSSASIA 2024 in Hanoi. New features:
--cluster
is used.For the complete list of changes, please checkout the release note on https://github.com/hexacluster/pgdsat/blob/master/ChangeLog
pgdsat is an open project. Any contribution to build a better tool is welcome. You just have to send your ideas, features requests or patches using the GitHub tools.
Thank to the developers who submitted patches and users who reported bugs and feature requests, they are all cited in the ChangeLog file.
Links:
About pgdsat
The objective of pgdsat is to have an Open Source and free tool to help PostgreSQL users to enforce the security of their PostgreSQL clusters. Not all checks might correspond to your security policies but pgdsat aims to be a reference on which you can rely to check the compliance of security points with your policy.
Tool created at HexaCluster Corp and maintained by Gilles Darold.
pgdsat works on Linux platform and is available under the GPLv3 licence.