August 01, 2007
Application Security, IncProduct:
£450 per database annually
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy install and a logical dashboard, great all-around support
- Weaknesses: First use of the product can be a bit confusing
- Verdict: This product is great for security analysis of a database, and the cost is at the very low end of products tested
AppDetective primarily looks for security holes inside a number of popular database servers. The user interface then makes it easy to determine which steps of the scan should be performed next. The application also includes a penetration test feature, which truly performs a vulnerability assessment of the database.
We did have some initial trouble figuring out the correct menu to configure the network interface for the product to use. From there, the program performs a network discovery that identifies SQL, Oracle and web servers. This program is different in that rather than detecting web application vulnerabilities, it looks for vulnerabilities in the back-end database.
The solution also includes a fix-script feature that allows for faster remediation of vulnerabilities. AppDetective is part of a suite of products that also includes DB Protect, which provides activity monitoring, patch management and database encryption. These offerings work to protect the database after the scan in real time.
The installation of AppDetective also put in some necessary additional components, including XML and a kind of SQL database. The application can also use Access for storing the results, so you don't necessarily have to install SQL. The program installation was straightforward and only needed next to be clicked a few times.
Documentation is included electronically in the form of PDF files. The information is easy to follow, with a logical layout. The documentation is probably necessary for most administrators. The documents we looked at were indexed and searchable, which made finding the information we wanted a lot easier and quicker.
Phone assistance is available, and the list price for AppDetective includes standard support between 9am and 9pm. Additional support is available for a fee.
Support is also available through the vendor's website, and access to the portal is password-protected. Email support is also on offer, and we received a very fast response when we tested this.
The pricing for the AppDetective offering was at the low end of the price spectrum with, pricing beginning at just £450. Since support and maintenance is included in this price, we think it represents excellent value for money.
SC Webcasts UK
Sign up to our newsletters
SC Magazine UK Articles
- Britain hit hard as cyber-attacks rise 40 percent
- Nearly 100 Oracle product vulnerabilities require patches
- London police chief admits cyber-crime failings
- Prison escape via mobile phone highlights social engineering vulnerability
- RSA 2015: Cyber-security professionals identify cyber-criminals as biggest threat