Product Security

This section describes the security and privacy practices embedded in dbWatch Control Center, along with technical controls and configurations that can help you maintain a secure deployment. It also outlines how customers and dbWatch can collaborate to identify, report, and remediate potential issues.

Security Overview

dbWatch AS has implemented robust administrative, technical, and physical safeguards to protect customers against security incidents and privacy breaches—provided the product is used in accordance with dbWatch’s documented guidelines.

We recognize that no system is completely immune to evolving threats. Therefore, we view our customers as essential partners in ensuring the integrity and protection of their environments. Our ongoing efforts are guided by industry best practices and lifecycle security management principles, including:

• Privacy and Security by Design
• Product and Supplier Risk Assessments
• Vulnerability and Patch Management
• Secure Coding Practices and Static/Dynamic Analysis
• Vulnerability Scanning and Third-Party Testing
• Role-Based Access Controls
• Incident Response Planning
• Continuous Two-Way Communication with Customers

If you believe you’ve discovered a security or privacy concern in dbWatch Control Center (e.g., a vulnerability, data exposure risk, or configuration weakness), please report it promptly to our support team:

Email: support@dbwatch.com

We will assess the report, respond appropriately, and—if warranted—issue product updates, technical bulletins, or coordinated disclosures.

Purpose of This Section

This security section is intended to:

• Explain how dbWatch security practices are applied within Control Center
• Provide transparency on data handling, network exposure, encryption, and auditing
• Guide you in configuring dbWatch securely in your environment
• Support your internal compliance and risk management documentation
• Serve as a foundation for joint security improvements between you and dbWatch AS

To fully understand how the certificate infrastructure supports secure communication, see the Core Concepts & Architecture overview.

Security Documentation Contents

The following subsections provide detailed documentation for specific product security areas:

• Product Description
• Hardware Specifications
• Operating System
• Network Ports and Services
• Sensitive Data Transmitted
• Sensitive Data Stored
• Certificate Infrastructure
• Crypto Catalog
• Network Controls
• Encryption
• Audit Logging
• Remote Connectivity
• Disclaimer

Related Security Topics

While not part of this section, the following pages contain important security-related functionality and guidance:

• Release Notes
  Includes version changes, fixes, and security-relevant patches.

• Domain Configuration – Users and Privileges
  Details on setting up users, roles, and privilege controls in dbWatch.

• Auditing
  Guide to enabling internal auditing features for instance activity tracking.

• Internal Control Center Firewall
  How to use the built-in firewall for segmentation and access restriction between Control Center nodes.

Ongoing Commitment

Security is a shared responsibility. dbWatch continues to improve and refine its security practices as part of its development and support lifecycle. We welcome feedback, suggestions, and responsible disclosures that help protect our customers and their data.

For additional technical guidance or integration-specific security questions, contact us at:
support@dbwatch.com