Application Security Inc. today announced the release of their real-time
intrusion detection and security auditing solution, AppRadar, version 2.0. This
latest version, which is being showcased at the RSA Conference in San Francisco
on Feb. 14-18, 2005, now supports Oracle and will be generally available in
March of this year.
Ted Julian, VP of Marketing for Application Security Inc. states,
"There are three forces driving the need to secure applications: the
demand for pervasive access, insider threats and compliance. It is crucial that
enterprises have a repeatable process to secure and audit applications (Gartner believes that more than 75%
of attacks are now at the application layer) and databases.
In brief, the new features in version 2.0 include:
-
Network-based
sensor - Previous versions offered a host-based sensor for SQLServer. Version
2.0 adds a network-based sensor for Oracle.
-
Built-in HIPPA
and Sarbanes-Oxley (SOX) polices - The built-in SOX and HIPPA polices are based
on best practices of customers and professional service provider partners and
can be easily edited by the end-user.
-
Wizard for custom rule creation - The wizards, which have been significantly
enhanced to help build custom rules for both platforms, look for and alert on
any user or system event.
-
Native database
auditing not required - Enterprises are not required to turn on native database
auditing, resulting in improved performance.
Architectures for network IDSs are largely signature based, which means they
are primarily focused on detecting known threats. AppRadar relies heavily on
application level signatures, which focus on the database explicitly. Application
Security Inc. achieved this by including in AppRadar
the more than thousand checks and tests from
its flagship AppDetective scanner vulnerability assessment scanner product.
The two products work together to close the loop on application vulnerability
management. AppDetective customers can
fine-tune AppRadar's monitoring with AppDetective's inventory of database
instances, including vulnerability details. This integration will be offered as
Beta with AppRadar 2.0.
AppRadar provides the capability to
create rules that look for specific activities, alerting on both users and activities.
Because the product sits right on the database, it is not limited to flagging outsider threats but can also detect misuse on the part of a
legitimate user.
Another major advancement with this
release is that a network-based sensor has been added for Oracle. Previously
the product had only a host-based sensor for SQL Server. Ted
Julian, VP of Marketing for Application Security Inc. states, "Our philosophy
going forward will be to build the right sensor for each platform."
The
aforementioned
AppRadar rule wizard can not only tighten security but also bolster regulatory requirements through the creation of specific rules to
monitor sensitive columns in the database. Not only does this allow
customers to establish
controls on particularly
sensitive and/or regulated data, but also track usage for auditing.
For additional information, please
visit http://www.appsecinc.com/.