August 01, 2007
Application Security, IncProduct:
£450 per database annually
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy install and a logical dashboard, great all-around support
- Weaknesses: First use of the product can be a bit confusing
- Verdict: This product is great for security analysis of a database, and the cost is at the very low end of products tested
AppDetective primarily looks for security holes inside a number of popular database servers. The user interface then makes it easy to determine which steps of the scan should be performed next. The application also includes a penetration test feature, which truly performs a vulnerability assessment of the database.
We did have some initial trouble figuring out the correct menu to configure the network interface for the product to use. From there, the program performs a network discovery that identifies SQL, Oracle and web servers. This program is different in that rather than detecting web application vulnerabilities, it looks for vulnerabilities in the back-end database.
The solution also includes a fix-script feature that allows for faster remediation of vulnerabilities. AppDetective is part of a suite of products that also includes DB Protect, which provides activity monitoring, patch management and database encryption. These offerings work to protect the database after the scan in real time.
The installation of AppDetective also put in some necessary additional components, including XML and a kind of SQL database. The application can also use Access for storing the results, so you don't necessarily have to install SQL. The program installation was straightforward and only needed next to be clicked a few times.
Documentation is included electronically in the form of PDF files. The information is easy to follow, with a logical layout. The documentation is probably necessary for most administrators. The documents we looked at were indexed and searchable, which made finding the information we wanted a lot easier and quicker.
Phone assistance is available, and the list price for AppDetective includes standard support between 9am and 9pm. Additional support is available for a fee.
Support is also available through the vendor's website, and access to the portal is password-protected. Email support is also on offer, and we received a very fast response when we tested this.
The pricing for the AppDetective offering was at the low end of the price spectrum with, pricing beginning at just £450. Since support and maintenance is included in this price, we think it represents excellent value for money.
SC Webcasts UK
Senior Accreditor, Security Risk and Assurance Manager
Disclosure & Barring Service - Liverpool, Merseyside
DV Cleared Systems Architect - 6 Months - London
Computerfutures - London (North), London (Greater)
CISO – Chief Information Security Officer (Up to £100K)
Evolution Recruitment - London (North), London (Greater)
Head of Security Strategy – London
Evolution Recruitment - London (West), London (Greater)
Information Security Manager
Infosec People - Hammersmith, West London
Sign up to our newsletters
SC Magazine UK Articles
- Krebs dropped by Akamai for record DDoS attack, OVH suffers 1100 Gbps DDoS
- NSA hacking tools used against Cisco customers
- WordPress plugin update leads to thousands of sites exposing users to adware
- The Internet of Things, cyber-security and the role of the CIO
- Gov-funded boot camp for cyber-security entrepreneurs graduates first intake
- It's a trap! WhatsApp Gold 'premium' version lures users to malware
- SC Awards Europe 2016 winners announcements!
- Microsoft ends common password use and password lockout
- ISIS radicalises 'lone wolves' through strong social media presence
- 1.5 billion Windows computers potentially affected by unpatched 0-day exploit