AppSecInc to Launch Database Security Suite
January 31, 2007
Application Security, Inc. will launch DbProtect, a new database security suite, at the RSA Conference in February of this year. DbProtect consolidates two technologies, AppDetective (a network-based, vulnerability assessment scanner) and AppRadar (a real-time intrusion detection and security auditing solution), into an integrated solution that provides comprehensive database security. Added features and functionality address top customer needs, including Tamper Evident Privileged Activity Monitoring for better insight into insider misuse and abuse, Patch Gap Management to make managing database vulnerabilities and patches more efficient across the enterprise and Application Awareness to enhance risk assessment at the database level.
Tamper Evident Privileged Activity Monitoring helps defend against misuse, fraud, and abuse from internal and external users. "Simply tracking privileged users isn't adequate. With that approach, youd miss most insider threats." explains Thom VanHorn, Director of Product Marketing for Application Security, Inc. "According to Forrester Research, over 70% of database attacks occur as a result of insider activity. These operators are informed enough about the database structure and the IT infrastructure to cloak their activity, steal what they need and remove the forensic trail to cover their tracks. Our solution, DbProtect, effectively frustrates that effort by tracking the activity, alerting on it and creating a separate permanent record of what was done." In this way, the DbProtect solution monitors all privileged activity in real-time and pro-actively alerts on suspicious actions.
Patch Gap Management assists with prioritization of database vulnerability patches and provides real-time activity monitoring. Large enterprises can have thousands of databases that need to be patched at the same time, an unrealistic scenario when you consider time and resource issues. In this environment, some sort of prioritization has to take place. The Patch Gap Management feature locates the databases, assesses the security posture of each, and enables the user to prioritize patch roll-out in an informed, logical manner. In addition, it monitors databases that have not been patched in real-time and alerts on suspicious activity. DbProtect also allows you to create and tune policies that make sense for your organization, while minimizing impact on your resources.
Application Awareness provides critical insight into IT infrastructure enabling organizations to better understand their database inventory, thereby mitigating compliance risk factors, and addressing database security needs.
Pricing for DbProtect has been simplified, eliminating many of the questions that arise when considering a database security solution. With DbProtect, you pay one price per database, per year. A $500 price incentive is provided to encourage the purchase of the suite, rather than the individual components.
DbProtect supports Oracle Database, SQL Server, IBM DB2 and Sybase ASE. It is available in beta versions now and will be generally available in Q2 2007.
For additional information, please visit http://www.appsecinc.com/.