Application Security, Inc. (AppSecInc) has updated its database scanning tool, AppDetectivePro, with expanded capabilities and a new user interface. The new tool allows organizations to quickly and easily understand their security posture and capabilities to proactively remediate vulnerabilities and protect sensitive information.
AppDetectivePro enables easy and repeatable database security assessments, capturing results for all database security issues, ranked by risk, and generating comprehensive and customizable reports. Organizations are able to view vulnerabilities affecting compliance regulations, misconfigurations, identity and access controls, as well as issues that lead to privilege escalation.
“Unlike other solutions, AppDetectivePro not only verifies vulnerabilities within the database, but provides a deep configuration assessment,” states Josh Shaul, CTO with Application Security, Inc. “With this new release, we are helping our customers understand the vulnerabilities that are unique to their organization, as well as learn about missing patches and compliance issues, in a simple and cost-effective way.”
AppDetectivePro provides a vulnerability assessment that allows for both a pen test and audit. Through a pen test scan, AppDetectivePro provides a detailed view of vulnerabilities that could be potentially exploited by an attacker through an “outside-in” view. For a complete security review, AppDetectivePro’s audit scan provides a deeper analysis of vulnerabilities and issues that could lead to privilege escalation exploits through an “inside-out” analysis. Audit scans are performed needing only a read-only account on the database.
Beyond vulnerability assessment, AppDetectivePro provides a deep analysis of database configurations. Backed by AppSecInc’s SHATTER knowledgebase, the industry’s most complete library of database vulnerability and configuration issues, AppDetectivePro provides a detailed view of configuration issues, patch levels, and OS-related database issues. TeamSHATTER’s knowledgebase is updated on a regular basis through AppSecInc's ASAP Updates, ensuring that the most recent vulnerabilities can be identified and remediated.
AppDetectivePro’s policy editor works hand-in-hand with the TeamSHATTER knowledgebase, allowing users to customize controls based on their business needs and report on those controls.
Enhancing identity and access management, AppDetectivePro provides a detailed view of an organization’s data ownership, access controls, and rights to sensitive information across all major database platforms, and allows organizations to protect the database, while meeting compliance regulations by resetting user access controls and privileges to only the minimum database access required for employees to do their jobs.
AppDetectivePro 8.0 is generally available and is part of the AppDetectivePro platform. For further information, visit http://info.appsecinc.com/rs/appsecinc/images/DS-AppDetectivePro.pdf