Application Security Inc. today announced the release of their real-time intrusion detection and security auditing solution, AppRadar, version 2.0. This latest version, which is being showcased at the RSA Conference in San Francisco on Feb. 14-18, 2005, now supports Oracle and will be generally available in March of this year.
Ted Julian, VP of Marketing for Application Security Inc. states, "There are three forces driving the need to secure applications: the demand for pervasive access, insider threats and compliance. It is crucial that enterprises have a repeatable process to secure and audit applications (Gartner believes that more than 75% of attacks are now at the application layer) and databases.
In brief, the new features in version 2.0 include:
- Network-based sensor - Previous versions offered a host-based sensor for SQLServer. Version 2.0 adds a network-based sensor for Oracle.
- Built-in HIPPA and Sarbanes-Oxley (SOX) polices - The built-in SOX and HIPPA polices are based on best practices of customers and professional service provider partners and can be easily edited by the end-user.
- Wizard for custom rule creation - The wizards, which have been significantly enhanced to help build custom rules for both platforms, look for and alert on any user or system event.
- Native database auditing not required - Enterprises are not required to turn on native database auditing, resulting in improved performance.
Architectures for network IDSs are largely signature based, which means they are primarily focused on detecting known threats. AppRadar relies heavily on application level signatures, which focus on the database explicitly. Application Security Inc. achieved this by including in AppRadar the more than thousand checks and tests from its flagship AppDetective scanner vulnerability assessment scanner product. The two products work together to close the loop on application vulnerability management. AppDetective customers can fine-tune AppRadar's monitoring with AppDetective's inventory of database instances, including vulnerability details. This integration will be offered as Beta with AppRadar 2.0.
AppRadar provides the capability to create rules that look for specific activities, alerting on both users and activities. Because the product sits right on the database, it is not limited to flagging outsider threats but can also detect misuse on the part of a legitimate user.
Another major advancement with this release is that a network-based sensor has been added for Oracle. Previously the product had only a host-based sensor for SQL Server. Ted Julian, VP of Marketing for Application Security Inc. states, "Our philosophy going forward will be to build the right sensor for each platform."
The aforementioned AppRadar rule wizard can not only tighten security but also bolster regulatory requirements through the creation of specific rules to monitor sensitive columns in the database. Not only does this allow customers to establish controls on particularly sensitive and/or regulated data, but also track usage for auditing.
For additional information, please visit http://www.appsecinc.com/.