August 01, 2007
Application Security, IncProduct:
£450 per database annually
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy install and a logical dashboard, great all-around support
- Weaknesses: First use of the product can be a bit confusing
- Verdict: This product is great for security analysis of a database, and the cost is at the very low end of products tested
AppDetective primarily looks for security holes inside a number of popular database servers. The user interface then makes it easy to determine which steps of the scan should be performed next. The application also includes a penetration test feature, which truly performs a vulnerability assessment of the database.
We did have some initial trouble figuring out the correct menu to configure the network interface for the product to use. From there, the program performs a network discovery that identifies SQL, Oracle and web servers. This program is different in that rather than detecting web application vulnerabilities, it looks for vulnerabilities in the back-end database.
The solution also includes a fix-script feature that allows for faster remediation of vulnerabilities. AppDetective is part of a suite of products that also includes DB Protect, which provides activity monitoring, patch management and database encryption. These offerings work to protect the database after the scan in real time.
The installation of AppDetective also put in some necessary additional components, including XML and a kind of SQL database. The application can also use Access for storing the results, so you don't necessarily have to install SQL. The program installation was straightforward and only needed next to be clicked a few times.
Documentation is included electronically in the form of PDF files. The information is easy to follow, with a logical layout. The documentation is probably necessary for most administrators. The documents we looked at were indexed and searchable, which made finding the information we wanted a lot easier and quicker.
Phone assistance is available, and the list price for AppDetective includes standard support between 9am and 9pm. Additional support is available for a fee.
Support is also available through the vendor's website, and access to the portal is password-protected. Email support is also on offer, and we received a very fast response when we tested this.
The pricing for the AppDetective offering was at the low end of the price spectrum with, pricing beginning at just £450. Since support and maintenance is included in this price, we think it represents excellent value for money.
SC Webcasts UK
Sign up to our newsletters
SC Magazine UK Articles
- Social engineering: hacker tricks that make recipients click
- Security researcher blasts United Airlines' bug bounty programme
- Video: Young and gifted codebreakers compete in cyber-security masterclass final
- Five last minute retail risk mitigations for Black Friday weekend
- Win32/CompromisedCert.D is now certifiably Dell-stroyed
- ISSE Berlin: Germany to promote 'digital sovereignty'
- Purchasing cyber-insurance without a proven security system will leave businesses out of pocket
- Sophisticated Apple Phishing Email making the rounds
- ISSE Berlin: Safe Harbour II initial agreement expected
- 2015 worst year in history for Mac malware