From there the program performs a network discovery, which identifies SQL servers, Oracle servers and web servers. This program is different in that it does not detect web application vulnerabilities, but rather it looks for vulnerabilities in the back-end database.
The program also includes a fix script feature, which allows for faster remediation of vulnerabilities. AppDetective is part of a suite of products, including DB Protect, which provides activity monitoring, patch management and database encryption. These offerings work to protect the database after the scan in real time.
The installation of AppDetective also installed some necessary additional components, including XML and a form of SQL database. The application can also use Access for storing the results so an SQL install is not necessarily needed. The program installation was straightforward and only needed "next" to be clicked a few times.
Documentation is included electronically in the form of PDF files. The documentation is easy to follow and the layout is logical and probably necessary for most administrators. The documentation was indexed and searchable in the documents that we looked at and this made for an easier time finding necessary information.
Phone support is available and standard support of 9 a.m.-9 p.m. EST is included in the list price of the product. More support is available for an additional fee.
Support is also available through the company’s website at www.appsecinc.com and access to the portal is password protected. Email support is also available and we found it very fast in responding.
The pricing for the AppDetective offering was at the low end of the price spectrum with pricing beginning at just US$900. Since support and maintenance is included, the price is easily justified.
For: Easy install and a logical dashboard with great all-around support.
Against: First use of the product can be a bit confusing.
Verdict: This product is great for security analysis of a database, and the cost is at the very low end of products tested.