Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Is anyone using AppDetective PRO for scanning SQL vulnerabilities? Expand / Collapse
Author
Message
Posted Monday, February 24, 2014 9:45 AM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Thursday, November 20, 2014 8:17 AM
Points: 168, Visits: 695
I'm currently evaluating this security product for SQL. Seems very robust - just wondered if anyone else has any experience with it or anything like it? it performs PCI, SOX, Brute Force Pen Tests and many more types of scans.
Post #1544613
Posted Monday, March 3, 2014 3:02 PM


SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, November 21, 2014 11:24 AM
Points: 153, Visits: 981
I have not heard of that one. Maybe, if you can provide a link to a Trial, I could check it out.
But frankly I have not had a convincing experience with any of such products yet. Each lacks one or the other.
Make sure you also run manual tests.
If you mean it, I'd advise to also go for intrusion detection - not just prevention.


Andreas

---------------------------------------------------
MVP SQL Server
Microsoft Certified Master SQL Server 2008
Microsoft Certified Solutions Master Data Platform, SQL Server 2012
www.insidesql.org/blogs/andreaswolter
www.andreas-wolter.com
Post #1547104
Posted Wednesday, March 5, 2014 7:11 AM
SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Thursday, November 20, 2014 8:17 AM
Points: 168, Visits: 695
Here is a link to the product page, although I think you have to contact them for a trial.

What methods are you using for intrusion detection - at the database level?
Post #1547784
Posted Wednesday, March 5, 2014 3:02 PM


SSC-Enthusiastic

SSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-EnthusiasticSSC-Enthusiastic

Group: General Forum Members
Last Login: Friday, November 21, 2014 11:24 AM
Points: 153, Visits: 981
Thank you
Too bad. That lowers the chance that I’ll find time for it. But I think I’ll ask them.
But I stay skeptical. I have read similar about McAfees Security Suite.. and taking a look at it, it turned out to be very very low level…

I use a mixture of tools like sqlmap, Microsoft Assessment & Planning Toolkit, built-in Auditing and manual checks



Andreas

---------------------------------------------------
MVP SQL Server
Microsoft Certified Master SQL Server 2008
Microsoft Certified Solutions Master Data Platform, SQL Server 2012
www.insidesql.org/blogs/andreaswolter
www.andreas-wolter.com
Post #1548035
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse