Latest news
Application Security announced the latest release of its database scanning tool, AppDetectivePro. Expanded capabilities and a new user interface provide security, risk and IT audit professionals with best-in-class database vulnerability, configuration and access control assessment.The new tool allows organizations to understand their security posture and capabilities to proactively remediate vulnerabilities and protect sensitive information.
AppDetectivePro enables easy and repeatable database security assessments, capturing results for all database security issues, ranked by risk, and generating comprehensive and customizable reports. Organizations are able to view vulnerabilities affecting compliance regulations, misconfigurations, identity and access controls, as well as issues that lead to privilege escalation.
“Unlike other solutions, AppDetectivePro not only verifies vulnerabilities within the database, but provides a deep configuration assessment,” states Josh Shaul, CTO with Application Security, Inc. “With this new release, we are helping our customers understand the vulnerabilities that are unique to their organization, as well as learn about missing patches and compliance issues, in a simple and cost-effective way.”
AppDetectivePro provides a unique vulnerability assessment that allows for both a pen test and audit. Through a pen test scan, AppDetectivePro provides a detailed view of vulnerabilities that could be potentially exploited by an attacker through an “outside-in” view.
For a complete security review, AppDetectivePro’s audit scan provides an analysis of vulnerabilities and issues that could lead to privilege escalation exploits through an “inside-out” analysis. Audit scans are performed needing only a read-only account on the database.
Beyond vulnerability assessment, AppDetectivePro provides a deep analysis of database configurations. Backed by AppSecInc’s SHATTER knowledgebase, the industry’s most complete library of database vulnerability and configuration issues, AppDetectivePro provides a detailed view of configuration issues, patch levels, and OS-related database issues. TeamSHATTER’s knowledgebase is updated on a regular basis through AppSecInc's ASAP Updates, ensuring that the most recent vulnerabilities can be identified and remediated.
Spotlight
Information security executives need to be strategic thinkers
Posted on 17 June 2013. | George Baker, the Director of Information Security at Exostar, talks about the challenges in working in a dynamic threat landscape, offers tips for aspiring infosec leaders, and more.
Large orgs in denial about own security breaches?
Posted on 14 June 2013. | Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had.
Vulnerability scanning with PureCloud
Posted on 12 June 2013. | nCircle PureCloud is a cloud-based network security scanning product built upon the companies' vulnerability and risk management system IP360.
To hack back or not to hack back?
Posted on 12 June 2013. | If you think of cyberspace as a new resource for you and your organization, it makes sense to protect your part of it as best you can. But is it a good idea?
Reactions from the security community to the NSA spying scandal
Posted on 11 June 2013. | Read on for comments on this scandal that Help Net Security received from a variety of security professionals and analysts.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
