A couple of months ago we went on investigating the capabilities of Oracle's DBSAT, the DataBase Security and Assessment Tool.
The tool itself if powerful, it generates detailed information about vulnerabilities in your databases. The information is presented in readable HTML format that enables quick handling to reduce seurity risks.
However....
One special point of attention is needed here and we already made a mistake here.
DBSAT recognizes the installation of the so-called "sample schema's" in the scanned database and reports on this detailed, looking like this:
The special point of attention is regarding EBS database, as they have HR and OE schema's but then for real usage !!
The reporting of DBSAT that Sample Schema's are installed in EBS databases, which need to be dropped, is a so-called False Positive.
For EBS database DO NOT DROP these schema's, as it will render the EBS application unusable
