Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Audits

Application Security, Inc. Upgrades Database Audit & Security Products

Application Security Inc., announced product upgrades to its AppDetectivePro and DbProtect solutions this week at Oracle Open World in San Francisco.

Application Security, Inc.

Application Security Inc., announced product upgrades to its AppDetectivePro and DbProtect solutions this week at Oracle Open World in San Francisco.

Application Security, Inc.

AppDetectivePro 7, automates and streamlines the database audit process, providing enhanced contextual scanning and reporting capabilities that allow auditors to standardize their extensive processes.

The new capabilities in AppDetectivePro 7 reduce the manual effort and time associated with analyzing audit findings, and provide the ability to map audit control objectives to scan policies prior to running a scan. For organizations that require DIACAP compliance, AppDetectivePro 7 provides a built-in DISA-STIG (Defense Information Systems Agency Security Technical Implementation Guide) work plan framework that includes scan policies and questionnaire definitions for each database-specific version. This framework simplifies audits and reduces the time to compliance by consolidating all reporting requirements including CoBIT, COSO, and ISO 27002.

New AppDetectivePro 7 Capabilities Include:

• Work Plan Manager – Enables organizations to standardize the database audit process and control objectives, including the management of all questionnaires and scan policies.

• Questionnaire Editor – Allows users to pair business risk context with database scans. The questionnaire editor allows users to map control objectives to specific checks within their scan policies.

• Audit Findings Report – Delivers a database audit report, providing consolidated results for a complete audit that includes manual interview answers and scan results.

• SHATTER Knowledgebase Update – Built-in knowledgebase updates of vulnerability and configuration checks from a database security research team.

Advertisement. Scroll to continue reading.

• DISA-STIG Compliance – Provides a complete DISA-STIG Checklist Assessment, eliminating the need to run DISA’s SRR’s (Security Readiness Scripts), condensing all findings into one single report.

• Meets Regulatory Requirements – Meets compliance needs for regulations including HIPAA, SOX, FISMA, PCI-DSS, Mass 201 and more.

DbProtect

The company also announced that it has added a Rights Management Module to its flagship database security solution, DbProtect. The new module allows information security analysts, business managers, and database administrators (DBAs) to automate user entitlement reviews in enterprise database environments. The module helps organizations meet compliance regulations by mandating the implementation of strong access control measures, such as those required by the Payment Card Industry – Data Security Standard (PCI-DSS.)

“The new rights management module in DbProtect allows enterprise customers to quickly assess user entitlements and ensure the proper assignment of privileges,” said Josh Shaul, vice president of product management, AppSec.

The latest report from Verizon Business and the Secret Service identifies insiders as the cause of nearly half of all data breaches in 2009. By assessing database user rights and entitlements, enterprise organizations can enforce proper segregation of duties controls and ensure that employees, partners, and contractors only have access to the minimum amount of sensitive information necessary.

DbProtect allows organizations to secure data from internal and external threats and help meet regulatory compliance and audit requirements. DbProtect 6 is available immediately for Oracle and Microsoft SQL Server databases.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.