PS Product SecurityKnowledge Base

DAM / Immutable Logging / Privileged Session Review Checklist

  • Are native DB audit features enabled on crown-jewel systems?
  • Can DBAs or root users delete or alter the only copy of audit evidence?
  • Is there immutable or WORM-protected storage for raw audit exports?
  • Are privileged human sessions routed through an access broker or controlled bastion?
  • Are session recordings retained independently from target hosts?
  • Are sensitive-table reads, role changes, schema changes, and destructive statements alertable?
  • Is there a documented evidence retrieval test for incidents and audits?