NEW YORK -- Application Security, Inc. (AppSecInc) (www.appsecinc.com), the leader in database security, today announced that the United States Department of Justice (DOJ) is utilizing the company’s vulnerability assessment scanner, AppDetective™ to reduce and manage database vulnerabilities throughout the agency.
Speaking about the decision to deploy AppSecInc’s solution, Dennis Heretick, chief information security officer for the DOJ said, “Our philosophy is one of building security into the operational process and building our validation testing into the implementation process. Tools such as AppDetective allow us to identify vulnerabilities in the [database] application and then verify that we have corrected them.”
“AppSecInc enables the DOJ to ground compliance efforts in the database applications that ultimately house its regulated data,” said Jack Hembrough, president and CEO of AppSecInc. “By establishing database controls, documenting their status, and promptly identifying violations, AppSecInc helps government organizations define best practices, document continuous improvement, and ensure prompt incident response – the hallmarks of any demonstrable, repeatable and effective compliance effort.”
Backed by a proven security methodology and extensive knowledge of database application-level vulnerabilities, AppDetective locates, examines, reports and fixes security holes and misconfigurations. As a result, enterprises and government IT groups can proactively harden their database applications while improving and simplifying routine audits.
Additionally, through AppDetective’s integration with AppSecInc’s database activity monitoring solution AppRadar™, organizations can enhance their security posture by utilizing AppRadar’s real-time monitoring and auditing capabilities. When deployed together, AppDetective and AppRadar allow organizations to specifically and automatically address the sensitive gap between vulnerability identification and remediation.
“AppSecInc’s comprehensive approach to database security tightly integrates real-time vulnerability intelligence with rigorous activity auditing to give security teams and application managers a high level of protection for sensitive information,” said Eric Ogren, security analyst with the Enterprise Strategy Group. “The timely and actionable information provided by AppSecInc is focused on the specific database environment – not reams of data that cannot be used.”