- HOME
- PROFILE
- GLOBAL THEMES
- SOLUTIONS
- INDUSTRIES
- PRODUCTS
- Hidden Menu
- Brand Overview
- Services Overview
- E-SPIN Product Line Card
- E-SPIN Ecosystem World Solution Portfolio Overview
- GitLab (DevOps, DevSecOps, VSM)
- Hex-Rays (IDA Pro, Hex-Rays Decompiler)
- Immunity (Canvas, Silica, Innuendo)
- Parasoft (automated software testing, AppSec)
- Tenable (Enterprise Vulnerability Management)
- Veracode (Application Security Testing)
- Cybersecurity, App Lifecycle, AppSec Management
- Infrastructure, Network, Wireless, Cloud Management
- Platform products
- Hidden Menu
- e-STORE
- CAREERS
- BLOG / NEWS
- CONTACT
AppDetective Pro
Trustwave AppDetectivePRO is a database and big data scanner that classify structure mistakes, identification and access control issues, missing patches, and any toxic combination of settings that could lead to escalation of privilege attacks, data leakage, denial-of-service (DoS), or the unauthorized modification of data held within data stores.
With a simple setup and an easy-to-use interface, its can discover, assess, and report on the security, risk, or compliance posture of any database or big data store within the environment - on premise or in the cloud - in minutes. AppDetectivePRO is an excellent addition to any existing security toolkit with its focus on relational databases and big data stores. It complements host or network operating system and static or dynamic application scanners.
Features Overview
Agentless Automated Data Scanning - Discover, assess and report on the security, risk or compliance posture of any database or big data store across your environment – on premises or in the cloud – in minutes.
Automated Questionnaire Development - Gain the flexibility to create new data security controls or customize from existing pre-built controls based on industry standards and regulatory requirements.
Assessment and Remediation Management - Close the loop on issues, from the initial discovery of databases and big data stores to the fixing of critical vulnerabilities or policy violations.
Complete, Accurate and Intuitive - Automate inventory, testing, information gathering and analysis to empower you with the intelligence needed to harden your data warehouses.
Auditing and User Rights Review - Acquire insight into your auditors’ findings even before the audit by using the database tool most frequently used by them.
Data Security Knowledgebase - Access extensive and continuously updated analytics and a knowledgebase of best practices, configuration settings and vulnerabilities.
Benefits
Through its simple setup and easy-to-use interface, you can immediately discover, assess, and report on the security, risk, or compliance posture of any database or big data store within your environment (on premise or in the cloud) in minutes.
Automated inventory, testing, information gathering, and analysis empower you with the intelligence to harden the security of your data stores.
Create or customize from a number of prepackaged data security controls based on industry standards and regulatory requirements.
Facilitates closing the loop from initial discovery of databases and big data stores to fixing the vulnerability or policy violation.
ASAP Updates - extensive and continuously updated analytics and knowledgebase of relational databases and big data security best practices, configuration settings, and vulnerabilities.
Solutions
Discover
Our data security solutions provide a complete inventory of data stores along with their respective objects, users and enabled security features within your organization.
- Easily review all of the accessible assets, user access levels, and security feature usage throughout your environment.
- Identify and highlight recently added, rogue or missing data store installations and objects.
- Quickly ascertain the configuration state of all your data stores (relational or big data).
Assess
Our products examine relational databases and big data stores for configuration mistakes, identification and
access control issues, missing patches, or any toxic combination of settings that could lead to escalation of
privileges attacks, data leakage, denial of service (DoS), or unauthorized modification of data.
We provide unique, agent-less, unauthenticated (network port inspection), and authenticated (credentialed) assessment approach with no impact on the target data store. This multifaceted approach provides an accurate assessment of the security of relational database or big data store.
We also include a comprehensive and continuously updated library of relational database and big data store vulnerability and security configuration issues backed by SpiderLabs. Through built-in and customized policies, users can examine data stores for vulnerability, configuration and user rights issues.
Report
Our product reports and dashboards provide a consolidated view of vulnerabilities, threats, risks, and compliance efforts across heterogeneous data store environments. They empower organizations to document their current status, demonstrate progress, effectiveness, and operational efficiency. Through our reporting and analytics platform, organizations can evaluate trends, and drill down for a detailed view of each individual database, group of databases, or databases of specific business units or groups within the enterprise.
- Intuitive, easy-to-configure and customize, rapidly
- Supports business objectives that include enterprise security and financial risk posture, operational efficiency, regulatory compliance, and strategic planning
System requirements
| Requirement |
Details |
| Operating System | • Windows Vista SP2, Windows 7 SP1, Windows 8* (64-bit)
• Windows 2008 Server SP2*, Windows 2008 Server R2 SP1* (64-bit) Note: Supports installing the embedded Microsoft SQL Server 2012 Express Edition. * Even if you are an Administrator user on the host, you must run the installer using the “Run as administrator” option. |
| Rights | To install AppDetectivePRO and perform an ASAP Update or upgrade of the software, you must have Administrative privileges on the Windows host. |
| Processor | Dual core processors 1.60 GHZ or higher |
| RAM | 3GB or higher |
| Hard Drive | • 400 MB of free disk space for installation
• 5GB and higher for scan data storage |
| Networking | • ASAP Update requires access to the internet
• Scan of asset(s) require network connection access to the asset(s) |
| Backend Database (Note: Optional) | When installing AppDetectivePRO you can configure it to install an embedded Microsoft SQL Server 2012 Express Edition that will be used specifically for the AppDetectivePRO installation or you can point it at an already installed Microsoft SQL Server instance on the host. Supported versions include:
• Microsoft SQL Server 2005 (Standard or Express editions) • Microsoft SQL Server 2008 (Standard or Express editions) • Microsoft SQL Server 2012 (Standard or Express editions) |
| Required Component | Microsoft .NET Framework 4.0
• If not installed already, then the AppDetectivePRO installer will install it. |
Target database and data store support
| Requirement | Details |
| Databases and Data Stores | • Oracle
• Microsoft SQL Server • IBM DB2 LUW • IBM DB2 z/OS • Sybase ASE • MySQL • Hadoop (New with Version 8.3) Contact [email protected] for details on version support |
| Operating Systems | AppDetectivePRO supports target databases and data stres on the following Operating Systems:
• Microsoft Windows Server • RedHat Enterprise Linux • Oracle Linux • HP-UX • Oracle Solaris • IBM AIX |
| Private Cloud Platforms | AppDetectivePRO supports target databases and data stores on the following Private Cloud environments:
• VMWare vSphere™ • Citrix XenServer • Microsoft Hyper-V® Cloud • Oracle VM • Redhat Enterprise Virtualization |
| Public Cloud Platforms | AppDetectivePRO supports target databases and data stores on the following Public Cloud environments:
• Amazon Elastic Compute Cloud (EC2) • Rackspace CloudServers™ |
AppDetectivePRO Version 9.1
2019-Apr-4
Trustwave AppDetectivePRO version 9.1 is now available and introduces new support for the following platforms:
- PostgreSQL 10
- MySQL 8
- SQL Server 2017 on Linux
With the launch of these new platforms, we are introducing our first to market support for the Microsoft Linux initiative with SQL Server 2017 on Linux and also User Rights Review for MySQL (version 8).
AppDetectivePRO version 9.0
2018-Nov-30
Trustwave is pleased to launch AppDetectivePRO version 9. This latest version of AppDetectivePRO introduces the following capabilities:
- Discovery, Audit Scan, and User Rights Review for Microsoft SQL Server 2017 installed on Windows.
- A frequently requested feature of locking the ASAP Updater. With this new release you will be able to disable ASAP Updates to the current versions that are installed. This feature may be helpful for older databases that you still want to scan.
- Additionally, AppDetectivePRO releases with Shatter KB 5.35 introduces:
- Three new policies
- CIS v1.0.0 for PostgreSQL 9.5
- DISA-STIG SQL Server 2014 V1R6-9
- DISA-STIG Oracle 12c V1R11
- Thirty-seven updated policies
- New checks for MySQL, and Oracle, PostgreSQL
- Three new policies
If you have already installed AppDetectivePRO 8.7 or higher, you can update to this latest version directly from the ASAP Updater within AppDetectivePRO. If you are updating from a version older than AppDetectivePRO 8.7 please refer to the User Guide for instructions.
E-SPIN Value Proposition
E-SPIN in the business of deliver end to end cybersecurity testing, include application security testing (AST), cover dynamic AST, static AST (secure code review / multi platform and programming technology support), interactive AST, mobile AST, source code analysis (SCA), IDE DevSecOps CI/CD integration, vulnerability security/assessment to penetration/exploitation testing, infrastructure/network/server/host/database testing to malware analysis and reversing for customer in all kind of industry and sectors for specific to generic requirements.
Feel free to contact E-SPIN for your specific project or operation requirements.