Continuous database security and compliance
US-11003779-B2 · May 11, 2021 · US
US11645392B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11645392-B2 |
| Application number | US-202117219874-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 31, 2021 |
| Priority date | Aug 22, 2018 |
| Publication date | May 9, 2023 |
| Grant date | May 9, 2023 |
Official abstract text for this publication.
A method by one or more electronic devices to notify an administrator when it is safe to mitigate a non-compliant database configuration of a database. The method includes responsive to identifying the non-compliant database configuration of the database, applying a security rule that detects occurrences of database operations that make use of the non-compliant database configuration and responsive to a determination that the security rule has not been invoked for at least a threshold length of time, causing a notification to be sent to the administrator that indicates that it is safe for the administrator to mitigate the non-compliant database configuration.
Opening claim text (preview).
What is claimed is:
1. A method by one or more electronic devices to notify an administrator when it is safe to mitigate a non-compliant database configuration of a database, the method comprising: responsive to identifying the non-compliant database configuration of the database, applying a security rule that detects occurrences of database operations that make use of the non-compliant database configuration; and responsive to a determination that the security rule has not been invoked for at least a threshold length of time, causing a notification to be sent to the administrator that indicates that it is safe for the administrator to mitigate the non-compliant database configuration.
2. The method of claim 1, wherein the determination that the security rule has not been invoked for the threshold length of time is based on a determination that no alerts or blocks associated with the security rule have been invoked for at least the threshold length of time.
3. The method of claim 1, wherein the notification is displayed on an electronic device operated by the administrator.
4. The method of claim 3, wherein the administrator is a database administrator (DBA) of the database.
5. The method of claim 1, wherein the non-compliant database configuration is a configuration that grants a particular privilege to a particular user of the database, and wherein the security rule detects occurrences of database operations where the particular user attempts to make use of the particular privilege.
6. The method of claim 5, wherein the notification indicates that it is safe for the administrator to reconfigure the database to revoke the particular privilege from the particular user.
7. The method of claim 1, wherein the threshold length of time is at least one month.
8. The method of claim 1, wherein the non-compliant database configuration is identified based on accessing a result of a database assessment scan performed on the database.
9. The method of claim 8, wherein the database assessment scan detects database configurations that are not compliant with a database security benchmark.
10. The method of claim 1, wherein the one or more electronic devices implement a database activity monitor, and wherein the security rule is applied while monitoring accesses to the database.
11. A set of one or more non-transitory computer readable storage media storing instructions which, when executed by one or more processors of one or more electronic devices, causes the one or more electronic devices to perform operations for notifying an administrator when it is safe to mitigate a non-compliant database configuration of a database, the operations comprising: responsive to identifying the non-compliant database configuration of the database, applying a security rule that detects occurrences of database operations that make use of the non-compliant database configuration; and responsive to a determination that the security rule has not been invoked for at least a threshold length of time, causing a notification to be sent to the administrator that indicates that it is safe for the administrator to mitigate the non-compliant database configuration.
12. The set of one or more non-transitory computer readable storage media of claim 11, wherein the determination that the security rule has not been invoked for the threshold length of time is based on a determination that no alerts or blocks associated with the security rule have been invoked for at least the threshold length of time.
13. The set of one or more non-transitory computer readable storage media of claim 11, wherein the notification is displayed on an electronic device operated by the administrator.
14. The set of one or more non-transitory computer readable storage media of claim 11, wherein the non-compliant database configuration is a configuration that grants a particular privilege to a particular user of the database, and wherein the security rule detects occurrences of database operations where the particular user attempts to make use of the particular privilege.
15. The set of one or more non-transitory computer readable storage media of claim 14, wherein the notification indicates that it is safe for the administrator to reconfigure the database to revoke the particular privilege from the particular user.
16. An electronic device configured to notify an administrator when it is safe to mitigate a non-compliant database configuration of a database, the electronic device comprising: one or more processors; and a non-transitory machine-readable storage medium having instructions stored therein, which when executed by the one or more processors, causes the electronic device to: responsive to identifying the non-compliant database configuration of the database, apply a security rule that detects occurrences of database operations that make use of the non-compliant database configuration and responsive to a determination that the security rule has not been invoked for at least a threshold length of time, cause a notification to be sent to the administrator that indicates that it is safe for the administrator to mitigate the non-compliant database configuration.
17. The electronic device of claim 16, wherein the determination that the security rule has not been invoked for the threshold length of time is based on a determination that no alerts or blocks associated with the security rule have been invoked for at least the threshold length of time.
18. The electronic device of claim 16, wherein the notification is displayed on an electronic device operated by the administrator.
19. The electronic device of claim 16, wherein the non-compliant database configuration is a configuration that grants a particular privilege to a particular user of the database, and wherein the security rule detects occurrences of database operations where the particular user attempts to make use of the particular privilege.
20. The electronic device of claim 19, wherein the notification indicates that it is safe for the administrator to reconfigure the database to revoke the particular privilege from the particular user.
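The quiet-period check in claims 1, 2, 5 and 7 can be sketched as follows; this is an added example, not code from the patent or its assignee. The `Finding` shape, the rule ids, users, privileges and events are constructed, and both the 30-day threshold and counting silence from the moment the rule was applied are assumptions of the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Claim 7 says "at least one month"; 30 days is this example's assumption.
THRESHOLD = timedelta(days=30)

@dataclass
class Finding:
    """A non-compliant grant reported by an assessment scan (hypothetical shape)."""
    rule_id: str            # security rule watching for use of the grant
    user: str
    privilege: str
    rule_applied: datetime  # when monitoring for this finding began

# Constructed sample data, not taken from the patent.
FINDINGS = [
    Finding("R1", "report_svc", "DROP ANY TABLE", datetime(2021, 1, 10)),
    Finding("R2", "etl_batch", "ALTER SYSTEM", datetime(2021, 1, 10)),
    Finding("R3", "app_ro", "SELECT ANY TABLE", datetime(2021, 3, 15)),
]
# (timestamp, rule_id, action): the rule's alerts and blocks, per claim 2.
EVENTS = [
    (datetime(2021, 2, 1, 9, 30), "R2", "alert"),
    (datetime(2021, 3, 20, 2, 5), "R2", "block"),
]

def quiet_since(finding, events):
    """Start of the current quiet period for the finding's rule."""
    hits = [ts for ts, rule_id, action in events
            if rule_id == finding.rule_id and action in ("alert", "block")]
    # Assumption: silence only counts from the moment the rule was applied,
    # so a rule deployed yesterday cannot claim a month of non-use.
    return max(hits + [finding.rule_applied])

def safe_to_mitigate(finding, events, now, threshold=THRESHOLD):
    return now - quiet_since(finding, events) >= threshold

def notifications(findings, events, now):
    """Messages for the administrator, one per finding that is safe to fix."""
    return [
        f"Safe to revoke {f.privilege} from {f.user}: "
        f"rule {f.rule_id} not invoked since {quiet_since(f, events):%Y-%m-%d}"
        for f in findings if safe_to_mitigate(f, events, now)
    ]

if __name__ == "__main__":
    for line in notifications(FINDINGS, EVENTS, datetime(2021, 3, 31)):
        print(line)
```

Only R1 produces a notification on 2021-03-31: R2 was blocked eleven days earlier, and R3 has been monitored for just sixteen days, so its silence is not yet evidence of non-use.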
Database tuning (G06F16/2282 takes precedence; database performance monitoring G06F11/3409) · CPC title
Assessing vulnerabilities and evaluating computer system security · CPC title
Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities · CPC title
Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities · CPC title
Test or assess software · CPC title