<< Return to Application Security Inc. AppDetectivePro

Application Security Inc. AppDetectivePro

Peter Stephenson

8/1/2007

Adjust Font Size: A | A | A

Product Information

Vendor:Application Security Inc.

Product:AppDetectivePro

Price:starts at $900

Product Rating

Features
Ease of Use
Performance
Documentation
Support
Value for Money
Overall Rating

For:Easy install and a logical dashboard with great all-around support.

Against:First use of the product can be a bit confusing.

Verdict:This product is great for security analysis of a database, and the cost is at the very low end of products tested.

Related Group Test

Application vulnerability assessment 2007

Reviews For This Vendor

AppDetectivePro primarily looks for security holes inside of a number of popular database servers. The user interface makes it easy to determine which steps of the scan should be performed next. The application also includes a pen test feature, which truly performs a vulnerability assessment of the database. We did have some initial trouble figuring out the correct menu to configure the network interface for the product to use. From there the program performs a network discovery, which identifies SQL servers, Oracle servers and web servers. This program is different in that it does not detect web application vulnerabilities, but rather it looks for vulnerabilities in the back-end database. The program also includes a fix script feature, which allows for faster remediation of vulnerabilities. AppDetectivePro is part of a suite of products, including DbProtect, which provides activity monitoring, patch management and database encryption. These offerings work to protect the database after the scan in real time.

The installation of AppDetectivePro also installed some necessary additional components, including XML and a form of SQL database. The application can also use Access for storing the results so an SQL install is not necessarily needed. The program installation was straightforward and only needed "next" to be clicked a few times.

Documentation is included electronically in the form of PDF files. The documentation is easy to follow and the layout is logical and probably necessary for most administrators. The documentation was indexed and searchable in the documents that we looked at and this made for an easier time finding necessary information.

Phone support is available and standard support of 9 a.m.-9 p.m. EST is included in the list price of the product. More support is available for an additional fee. Support is also available through the company’s website at www.appsecinc.com and access to the portal is password protected. Email support is also available and we found it very fast in responding.

The pricing for the AppDetectivePro offering was at the low end of the price spectrum with pricing beginning at just $900. Since support and maintenance is included, the price is easily justified.