Review: Application Security, Inc.'s DbProtect 2007

By

Application Security's DbProtect 2007 is a suite of enterprise database security products that helps organisations discover and manage database vulnerabilities.

For: Flexible configuration options, good integration with other DbProtect tools
Against: May preclude some customers with specific web application needs
Verdict: A top enterprise-class database security management solution, we rate DbProtect 2007 Recommended

Review: Application Security, Inc.'s DbProtect 2007
The product consists of a network-based database vulnerability-assessment tool, a database-monitoring element and a central management console.

We tested the database vulnerability scanner and central management console. The monitoring component of this product was not part of this group review.

Installation is fairly straightforward. The web-based management console installs on Windows server platforms 2000 and above, and requires MS SQL 2000 or 20005 as the backend. Vulnerability scanning engines can be installed on Windows 2000 Professional, XP or any Windows server platform 2000 or above. Overall, the interfaces are slick and easy to navigate.

This particular product does not target source code, application pages or web services, but is specifically aimed at database servers. It is compatible with all the popular databases that most organisations will use in production.

In our testing, the product performed flawless discovery and auditing of our databases. The list of vulnerabilities and possible configuration weaknesses found within the supported target databases is impressive.

The centralised management and role based access control over user privileges provides true enterprise-management capabilities. Reporting and compliance templates are top-quality, along with very flexible tuning and customisation. Non-intrusive penetration testing is a nice value-added feature.

Documentation is in PDF format and is useful, containing a good mix of text and screenshots. However, screenshots within the help files are often difficult to read and sometimes even illegible, which somewhat reduces their usefulness.

Pricing for DbProtect starts at US$3,000 for each database instance. The overall cost will be exponentially higher for larger environments that often contain numerous unique development, test and production database instances.

Pricing is on the high side because of the inclusion of database monitoring within DbProtect, which we did not test for this review.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
security

Sponsored Whitepapers

Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks

Events

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?