Application Security DbProtect v6.2
November 01, 2011
Application Security IncProduct:
DbProtect VM: $1,500; DbProtect RM: $1,500; DbProtect AM: $2,100
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Business intelligence, analytic abilities, vulnerability knowledge base.
- Weaknesses: Alerting (in the version we tested); pricing is per database type.
- Verdict: A pleasing balance between network- and host-based scanning. Looks to scale nicely if one is in a standardized database environment.
DbProtect v6.2 is a software solution that combines discovery, vulnerability scanning, real-time audit and threat management to help organizations reduce risk and enhance compliance. The tool attempts to bring IT risk management principles to database security by accurately scanning databases, preventing breaches through rooting out vulnerabilities, misconfigurations and unauthorized user privileges before they can be exploited, and alerting on real-time threats with its activity monitoring and intrusion detection system (IDS) technologies.
We installed the product on our virtual Windows Server 2008. The deployment takes some time to install. One has to implement several modules, such as the console, knowledge base, scan engine and sensors. One also must install IBM Cognos v8 and Netflow Analyzer 7.5. All this is done through a wizard that guides admins through the entire process.
Once installed, the product goes out through the network scans, and finds and fingerprints all database instances. There is support for most database platforms. The main components include management for vulnerabilities, rights, audits and threats.
One of the strengths of this product is its use of analytics and business intelligence. This is built on top of IBM Cognos and works to correlate and tie all the data together to deliver valuable alerting.
The versions we reviewed lacked real-time active response and reporting. A new version shipped into general availability prior to our analysis, but we were unable to formally review v6.3. According to the release notes, active response is added, as is new and enhanced management reporting.
SC Magazine Articles
- Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak
- WikiLeaks postings of Turkish emails included active links to malware
- U.S. government extends offer to protect states from electoral cyberthreats
- Trust exercise: Symantec's new website security expert is reaching out to hacker community
- Cisco shedding 7% of its workforce
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- After NSA leaks, a renewed interest in vulnerability disclosure
- USAA members hit with multiple phishing attacks
- Saving money on security software by improving cyber posture, report
- Two-thirds of IT security pros surveyed expect a breach to hit their company, report
- Epic hack, thousands of salted logins stolen