Application Security, Inc. (AppSec) has pioneered database security, risk, and compliance solutions for the enterprise. AppSec empowers organizations to assess, monitor and protect their most critical database assets in real time, while simplifying audits, monitoring risk, and automating compliance requirements.

DbProtect Solution Overview

DbProtect is a database security, risk and compliance platform designed to meet the needs of large heterogeneous enterprises.  DbProtects’s risk management framework, security controls, continuous controls monitoring, and governance make it the leading solution on the market today. Forrester Research has stated that “Application Security, Inc. offers the industry’s most comprehensive database security solution.”

The Only Complete Database Security, Risk, and Compliance Solution

A centrally-managed enterprise solution for comprehensive database security, risk and compliance, the DbProtect platform consists of five modules:

  • Asset Management
  • Vulnerability Management
  • Audit & Threat Management
  • Policy Management
  • Reporting & Analytics

Asset Management

DbProtect’s Asset Management module provides complete visibility of all databases on the corporate network. Leveraging an agentless, zero-knowledge network-based discovery scanner, DbProtect Asset Management finds and identifies every database on the network.

Vulnerability Management

DbProtect’s Vulnerability Management module is the foundation of AppSec’s Database Security, Risk & Compliance platform. Offering unparalleled database assessment, DbProtect’s agentless solution locates, examines, reports on, and fixes security holes and misconfigurations in any database.

DbProtect Vulnerability Management is backed by the SHATTER knowledgebase, the most extensive set of database vulnerability and misconfiguration checks and rules on the market. AppSec’s ASAP Update mechanism ensures protection remains current. As new vulnerabilities and exploits are identified and database patches are released, DbProtect is systematically updated to ensure the latest protection for critical database assets.

Key features: DbProtect’s Vulnerability Management

  • Support for all major database platforms
  • Database penetration testing (non-credentialed, outside in scans, i.e. hacker’s view)
  • Database auditing (credentialed scans)
  • Database vulnerability remediation scripts
  • Industry leading vulnerability knowledgebase

Audit and Threat Management

DbProtect’s Audit & Threat Management module monitors privileged user activities, identifies unusual or suspicious behavior, and alerts on attacks and attempts to exploit database vulnerabilities. Backed by the same SHATTER knowledgebase that drives DbProtect Vulnerability Management, DbProtect Audit & Threat management offers best-in-class data protection and compliance reporting.

Key features: DbProtect’s Audit and Threat Management

  • Integrated real-time auditing, activity monitoring and threat management
  • IDS capabilities based on extensive vulnerability knowledgebase
  • Flexible deployment architecture
  • Designed for minimal performance impact
  • Policy based model, simplifies compliance and eliminates false positives
  • Security and compliance policy templates simplify implementation
  • Automate reporting and alert integration via Syslog, SNMP and SMTP

Policy Management

DbProtect’s Policy Management module allows organizations to accelerate Database Security, Risk and Compliance initiatives with templates for scanning and monitoring databases in accordance with industry “best practices” and compliance standards including NIST 800.53, DISA STIG, PCI-DSS, Sarbanes-Oxley, HIPAA, and GLBA. Organizations can also leverage DbProtect’s customization capabilities to tailor scanning and monitoring policies to their specific needs, easily implementing internal configuration standards, tuning scans for particular applications, and even extending the capabilities of DbProtect by writing custom checks and rules.

Intelligence and automation features differentiate DbProtect Policy Management from other vulnerability assessment solution on the market. By analyzing the results of vulnerability scans, DbProtect is capable of creating and tuning database monitoring policies to alert on, and react to, attempts to exploit known vulnerabilities in a protected database system. This application specific intrusion detection capability reduces false-positives to near zero, without requiring labor intensive manual configuration and human analysis of every SQL statement executed on a database server while a traditional behavioral analysis-based DAM solution sits in learning mode.

Analytics & Reporting

DbProtect’s Analytics & Reporting module provides a consolidated picture of vulnerabilities, threats, risk, and compliance efforts across the heterogeneous database environments found within today’s enterprises. An easy-to-use interface composed of interactive dashboards and reports provides summaries of data gathered from across the enterprise. This feature allows executives to quickly ascertain where and how resources should be marshaled to most effectively reduce risk and implement compliance requirements around the database. Drill downs and detail reports offer a complete picture of each individual database or group of databases. DBAs and IT Security Analysts are provided with the level of detail they require, without burdening managers and executives with unnecessary details.

DbProtect Analytics & Reporting offers built-in and customizable Compliance reports, Risk reports, Inventory reports, Policy Reports and User Activity reporting. Reports can be scheduled and automatically emailed to the appropriate personnel as required.

Key features: DbProtect Analytics & Reporting

  • High-level data visualization via Security, Compliance, and Operations Dashboards
  • Dozens of built-in reports including Executive Level roll-ups, Director Level summaries, and IT level detailed reports
  • Dozens of built-in reports including Executive Level roll-ups, Director Level summaries, and IT level detailed reports
  • Compliance reports, Risk reports, Inventory reports, Policy Reports and User Activity reporting
  • Reports can be scheduled and automatically emailed to the appropriate personnel as required

Supported Platforms

  • Oracle
  • Microsoft SQL Server
  • DB2 LUW
  • DB2 z/OS and OS/390
  • Sybase
  • MySQL
  • Lotus Notes/Domino

White Papers

Available Here
Privacy-Assured welcomes any support related questions or concerns. Your general support issues can be directed to

Application Security Products

If you have specific questions or concerns in regards to the Application Security products we offer. Please feel free to contact Application Security Inc. directly:

Application Security Inc. Online Support

Scroll to Top