pgdsat v1.1 released

Posted on 2024-04-22 by HexaCluster
Related Open Source

Hanoi, Vietnam - April 19th, 2024

pgdsat - PostgreSQL Database Security Assessment Tool

pgdsat is a security assessment tool that checks around 80 PostgreSQL security controls of your PostgreSQL clusters including all recommendations from the CIS compliance benchmark but not only.

This PostgreSQL Security Assessment Tool allow assessments to be carried out in an automated manner to verify the security policies established inside the company. It also gives understanding of the security issued that your cluster can be faced.

It consists in a single command that must be run on the PostgreSQL server to collect all necessaries system and PostgreSQL information to compute a security assessment report. A report consist in a summary of all tests status and a second part with all detailed information. See a sample report.

This release adds new checks and fixes issues reported by users since the first release published for the event of FOSSASIA 2024 in Hanoi. New features:

  • Add cluster version mismatch check if --cluster is used.
  • Add a check to ensure a data anonymization extension is installed (pg_anonymize or anon).
  • Add check to ensure tablespace location is not inside the PGDATA.
  • Add statistics about checksum failures if any.
  • Double check the Unix socket permission on disk.
  • Add check to ensure that the public schema is protected in all database.

For the complete list of changes, please checkout the release note on

Links & Credits

pgdsat is an open project. Any contribution to build a better tool is welcome. You just have to send your ideas, features requests or patches using the GitHub tools.

Thank to the developers who submitted patches and users who reported bugs and feature requests, they are all cited in the ChangeLog file.


About pgdsat

The objective of pgdsat is to have an Open Source and free tool to help PostgreSQL users to enforce the security of their PostgreSQL clusters. Not all checks might correspond to your security policies but pgdsat aims to be a reference on which you can rely to check the compliance of security points with your policy.

Tool created at HexaCluster Corp and maintained by Gilles Darold.

pgdsat works on Linux platform and is available under the GPLv3 licence.