Hi Jennifer, I understand you're looking for a database discovery/inventory tool that can analyze your infrastructure (on-premises, virtual machines, containers, cloud) to identify all RDBMS instances, not just the ones you know about. This is currently part of Data Security Posture Management (DSPM), Data Discovery and Classification (DDC), or attack surface management solutions.
Regarding purpose-built Database Discovery and Classification tools, I recommend upgrading to the Imperva Data Security Fabric (DSF) solution: it automatically detects structured and unstructured databases in hybrid environments.
On the other hand, if you're looking for something more basic and introductory to evaluate before moving on to the next level, I recommend:
- Nmap with NSE scripts: can scan networks for open ports (1433 MSSQL, 3306 MySQL, 1521 Oracle, 5432 PostgreSQL, etc.) and identify running database services.
- osquery: can be deployed on endpoints/servers to detect installed database software.
- Censys/Shodan internal scan (server-hosted tools): detects internet-connected databases in your organization.
I hope this helps, and good luck!
------------------------------
Luis Elola
CyberSecurity Engineer
Chile
------------------------------
Original Message:
Sent: 08-19-2025 11:39
From: Jennifer McNamara
Subject: Product to scan/discover
Hello,
I am looking for information on a product or utility to scan/discover RDBM's in our environment. We are looking to find databases both known and unknown to us in our environment.
Thank you
#AllImperva
------------------------------
Jennifer McNamara
Data Governance Contractor
America First Credit Union
Riverdale UT
------------------------------