Trustwave AppDetectivePRO
Identify and remediate vulnerabilities
Databases are an enticing target for cyber criminals, and many organizations fall short in protecting these critical repositories of customer information and intellectual property. AppDetectivePRO is database vulnerability assessment software that businesses use to identify and remediate vulnerabilities, configuration errors, rogue installations and access issues in their database deployments.
Overview:
Trustwave AppDetectivePRO is a database and big data store scanner that can immediately uncover configuration mistakes, identification and access control issues, missing patches or any toxic combination of settings that could lead to escalation-of-privilege or denial-of-service attacks, data leakage or unauthorized modification of data.
Because of its simple setup and intuitive interface, you don't have to be a database expert to use it. Immediately discover, assess and report on the security, risk or compliance posture of any database or big data store within your environment – either on premise or in the cloud – within minutes.
The quality of a database security solution directly correlates with the quality of its checks and tests. And a set of tests and checks is only as good as the research team that keeps it current. Trustwave SpiderLabs® is the leading database vulnerability research team in the industry and discovered 80 percent of the database vulnerabilities patched over the past four years. Our experts have discovered and reported hundreds of vulnerabilities in Oracle databases and dozens in Microsoft SQL Server, IBM DB2, MySQL, Sybase ASE and Hadoop.
AppDetectivePRO is equipped to fit your organization, no matter its shape or size. This includes:
Enterprises
Even some of the largest companies struggle with the maturity of their IT security programs. AppDetectivePRO helps solve this challenge by providing an easy-to-install scanner that can point to network segments, discover databases, scan them, find their issues, report on them and help remediate any discovered deficiencies.
Small and Midsize Businesses
When your IT staff is also your IT security staff, you need to automate scans. You also require best-of breed tools to help you uncover and repair weaknesses. No matter how small a database deployment you have, AppDetectivePRO offers security knowledge and an automated way to discover shortfalls – without the need to be an expert in database security.
Security Auditors and Risk Practices
AppDetectivePRO has long been used by security consultants to complete tasks such as compliance assessments and risk evaluations. These professionals recognize the database as a mission-critical asset that must be reviewed for vulnerabilities and other issues.
Supported Database Types
- Microsoft SQL Server
- Microsoft SQL Azure
- ORACLE
- SYBASE
- MySQL
- IBM|DB2
- hadoop
Why do our customers choose AppDetectivePRO for their database security needs?
Complete, Accurate and Intuitive
Discover new or rogue installations, develop security policies, perform safe penetration tests, audit for policy violations and deliver comprehensive reports on the security of your data stores from every possible angle.
Security, Compliance and Risk Reports
Creates or customizes a questionnaire from prepackaged security controls that are based on common industry standards and regulations. Questionnaire results are presented along with assessment results for a complete end-to-end report on the data store being reviewed.
Soup-to-Nuts Remediation
Facilitate action, from discovery to repair of any identified vulnerability or policy violation.
Data Security Knowledge Base
Acquire extensive and continuously updated analytics of relational databases and big data security best practices, configuration settings and vulnerabilities.
Flexible and Easy to Use
Agentless and doesn't rely on database administrator (DBA) expertise or privileges. It also features industry standard interfaces to integrate with existing security and IT operation solutions, and meets Common Vulnerabilities and Exposures (CVE) compatibility requirements.
Features:
Discover
Review: Seamlessly survey your environment's accessible assets, user access levels and security feature usage.
Inventory: Identify and highlight recently added, rogue or missing data store installations and objections.
Verification: Quickly ascertain the configuration state of all of your data stores (relational or big data).
Assess and Monitor
Flexibility: Obtain an agentless assessment approach with no impact on the target data store.
Reference Center: Access a comprehensive and continuously updated library of relational database and big data store vulnerability and security configuration issues – backed by our elite SpiderLabs research team.
Customization: Examine data stores for issues related to vulnerabilities, misconfigurations and user rights, thanks to built-in, personal policies.
Report
Visibility: Gain a consolidated view of vulnerabilities, threats, risks and compliance efforts across varied data store environments – through reports and dashboards.
Empowerment: Document your current status, and demonstrate progress, effectiveness and operational efficiency.
Granular: Evaluate trends and drill down for a comprehensive view of each individual database or group of databases.
Dig Deeper Into the Results
You're able to see scan results ordered by risk level for each asset and a complete knowledge base article about each finding.
Analyze Your Scan
View all of the assets you discovered in your session and a graphical representation of results from your latest scan.
Uncover Actionable Findings
Summary reports provide detailed information about each vulnerability unearthed during the scanning process.
Documentation:
Download the Trustwave AppDetectivePro Datasheet (PDF).
Download the Trustwave Database Risk Assessment Service Datasheet (PDF).