Application Security announced the latest release of its database scanning tool, AppDetectivePro. Expanded capabilities and a new user interface provide security, risk and IT audit professionals with best-in-class database vulnerability, configuration and access control assessment.
The new tool allows organizations to understand their security posture and capabilities to proactively remediate vulnerabilities and protect sensitive information.
AppDetectivePro enables easy and repeatable database security assessments, capturing results for all database security issues, ranked by risk, and generating comprehensive and customizable reports. Organizations are able to view vulnerabilities affecting compliance regulations, misconfigurations, identity and access controls, as well as issues that lead to privilege escalation.
“Unlike other solutions, AppDetectivePro not only verifies vulnerabilities within the database, but provides a deep configuration assessment,” states Josh Shaul, CTO with Application Security, Inc. “With this new release, we are helping our customers understand the vulnerabilities that are unique to their organization, as well as learn about missing patches and compliance issues, in a simple and cost-effective way.”
AppDetectivePro provides a unique vulnerability assessment that allows for both a pen test and audit. Through a pen test scan, AppDetectivePro provides a detailed view of vulnerabilities that could be potentially exploited by an attacker through an “outside-in” view.
For a complete security review, AppDetectivePro’s audit scan provides an analysis of vulnerabilities and issues that could lead to privilege escalation exploits through an “inside-out” analysis. Audit scans are performed needing only a read-only account on the database.
Beyond vulnerability assessment, AppDetectivePro provides a deep analysis of database configurations. Backed by AppSecInc’s SHATTER knowledgebase, the industry’s most complete library of database vulnerability and configuration issues, AppDetectivePro provides a detailed view of configuration issues, patch levels, and OS-related database issues. TeamSHATTER’s knowledgebase is updated on a regular basis through AppSecInc’s ASAP Updates, ensuring that the most recent vulnerabilities can be identified and remediated.