Application Security, Inc. Releases AppDetective for Oracle

Oracle Discovery, Penetration Testing, and Vulnerability Assessment Scanner

New York, NY, January 2002 – Application Security, Inc. ( announces the availability of AppDetective for Oracle, Version 2.0, which is an application security scanner designed to perform network-based penetration tests and vulnerability assessments. Armed with a revolutionary security methodology and an extensive knowledgebase of Oracle security vulnerabilities, AppDetective easily locates, examines, reports, and helps fix database security holes and misconfigurations with the click of a button (coming soon for Microsoft SQL Server, Sybase, Lotus Domino, and IBM DB2).

“Oracle provides a rich set of security features, but claiming that it is ‘UNBREAKABLE’ gives database administrators a false sense of security,” said Aaron C. Newman, Chief Technology Officer of Application Security, Inc. and co-author of the Oracle Security Handbook. “Even the most vigilant database administrators don’t have the time and resources to properly lock down their Oracle databases.”

Automated Oracle Database Discovery and Inventory

AppDetective accurately locates and identifies a wide variety of applications within your network including Oracle databases. Version numbers, patch sets applied, host operating system type, as well as other key database information integral for inventory purposes is presented and utilized for further security analysis.

Anyone Can Now Perform an Oracle Security Examination

AppDetective is the world’s only security penetration testing and vulnerability assessment scanner of its kind. Regardless of database security expertise, AppDetective users are empowered to pro-actively perform automated non-intrusive attack simulations. “Zero knowledge” penetration tests and security audits can easily be performed on target Oracle databases remotely over the Internet from their laptop or desktop.

Easy-to-Generate and Easy-to-Understand Oracle Security Reports

AppDetective users are empowered to provide deliverables in the form of reports to communicate Oracle security vulnerabilities and misconfigurations to clients, colleagues, and everyone within their organization. AppDetective provides reports on the security of individual applications as well as across multiple applications providing a “birds-eye-view” of your environment. This is especially effective in checking for compliance of new regulations and requirements concerning data security and privacy within financial services (Gramm-Leach-Bliley Act), healthcare (Health Insurance Portability and Accountability Act a.k.a. HIPAA), and e-commerce (Visa Cardholder Information Security Program).

About Application Security, Inc.

Application Security, Inc. is an organization dedicated to the security, defense, and protection of the application layer. Solutions are provided to proactively secure (penetration testing/vulnerability assessment), actively defend/monitor (intrusion detection), and protect (encryption) your most critical applications including database, groupware, and ERP systems. Free evaluation versions of products are available for download at –

Contact: Stephen Grey,

Don't miss