Tool Tests DB2 Security
AppDetective scans applications and performs penetration tests and security audits on IBM database apps.Application Security Inc. on Monday rolled out an IBM DB2 version of its AppDetective application security vulnerability scanner. The scanning and penetration-testing software performs network-based penetration tests and security audits. AppDetective locates and identifies a variety of applications within a network, including those running on DB2 and Lotus Domino databases, as well as on databases from Oracle Corp., Microsoft Corp. and Sybase Inc. The software presents version numbers, patches and other inventory-specific information for use in security analysis. Security audits can be performed on target DB2 databases remotely from laptops or desktops. The tool produces reports with instructions on how to fix vulnerabilities with reference links to database vendors sites to ease the task of securing patches.
Aaron Newman, ASIs Chief Technology Officer, said that as IBM gains database market share with DB2, the need for securing these databases is growing. "With more organizations relying on IBM DB2 to store their most critical information, properly securing and keeping a watch over these databases is important," said Newman, in a statement. "AppDetective for IBM DB2 is an automated vulnerability assessment application scanner that empowers security practitioners and database administrators with an all-in-one solution to discover rogue DB2 installations [and to] check for accounts with weak passwords, misconfigurations and vulnerabilities."