Hi Jennifer, I understand you're looking for a database discovery/inventory tool that can analyze your infrastructure (on-premises, virtual machines, containers, cloud) to identify all RDBMS instances, not just the ones you know about. This is currently part of Data Security Posture Management (DSPM), Data Discovery and Classification (DDC), or attack surface management solutions.
Regarding purpose-built Database Discovery and Classification tools, I recommend upgrading to the Imperva Data Security Fabric (DSF) solution: it automatically detects structured and unstructured databases in hybrid environments.
On the other hand, if you're looking for something more basic and introductory to evaluate before moving on to the next level, I recommend:
- Nmap with NSE scripts: can scan networks for open ports (1433 MSSQL, 3306 MySQL, 1521 Oracle, 5432 PostgreSQL, etc.) and identify running database services.
- osquery: can be deployed on endpoints/servers to detect installed database software.
- Censys/Shodan internal scan (server-hosted tools): detects internet-connected databases in your organization.
I hope this helps, and good luck!
------------------------------
Luis Elola
CyberSecurity Engineer
Chile
------------------------------