DOJ Locks Down DBs

Application Security announced that the United States DOJ is utilizing the company's vulnerability assessment scanner

Dark Reading Staff, Dark Reading

August 14, 2006

2 Min Read

NEW YORK -- Application Security, Inc. (AppSecInc) (, the leader in database security, today announced that the United States Department of Justice (DOJ) is utilizing the company’s vulnerability assessment scanner, AppDetective™ to reduce and manage database vulnerabilities throughout the agency.

Speaking about the decision to deploy AppSecInc’s solution, Dennis Heretick, chief information security officer for the DOJ said, “Our philosophy is one of building security into the operational process and building our validation testing into the implementation process. Tools such as AppDetective allow us to identify vulnerabilities in the [database] application and then verify that we have corrected them.”

“AppSecInc enables the DOJ to ground compliance efforts in the database applications that ultimately house its regulated data,” said Jack Hembrough, president and CEO of AppSecInc. “By establishing database controls, documenting their status, and promptly identifying violations, AppSecInc helps government organizations define best practices, document continuous improvement, and ensure prompt incident response – the hallmarks of any demonstrable, repeatable and effective compliance effort.”

Backed by a proven security methodology and extensive knowledge of database application-level vulnerabilities, AppDetective locates, examines, reports and fixes security holes and misconfigurations. As a result, enterprises and government IT groups can proactively harden their database applications while improving and simplifying routine audits.

Additionally, through AppDetective’s integration with AppSecInc’s database activity monitoring solution AppRadar™, organizations can enhance their security posture by utilizing AppRadar’s real-time monitoring and auditing capabilities. When deployed together, AppDetective and AppRadar allow organizations to specifically and automatically address the sensitive gap between vulnerability identification and remediation.

“AppSecInc’s comprehensive approach to database security tightly integrates real-time vulnerability intelligence with rigorous activity auditing to give security teams and application managers a high level of protection for sensitive information,” said Eric Ogren, security analyst with the Enterprise Strategy Group. “The timely and actionable information provided by AppSecInc is focused on the specific database environment – not reams of data that cannot be used.”

Application Security Inc.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights