IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Application Security DbProtect

Security is of vital importance for any company but keeping check on it is a challenge for the database administrator. DBProtect wants to make his or her life a lot easier. Should you let it?

Activity monitoring

This task is undertaken by AppRadar, which detects intrusions into the database by means of sensors placed on database server and/or on the network. These return data which is collated into a dashboard display of current activity and threats to which only authorised administrators have access. Notification of any attack or breach of policy are sent out immediately via various methods, including the dashboard display, email, SNMP or SYSLOG (a client-server protocol for sending log messages to an IP network). This makes it possible to respond quickly and minimise any loss or damage.


AppRadar can also implement an auditing scheme. Given the increasing regulatory requirements facing businesses, having software to shoulder some of the burden is becoming more of a necessity. Auditing is highly configurable, with granularity at the object, user or column level, and the ability to monitor changes including those to system tables, objects, configurations and permissions. The activity of DBA, SA and other logins can be captured, with the exception of access through a web application.


The Patch Gap Management feature is designed to help secure the system proactively against the latest database hole and threats. Using ASAP (Application Security Automatic Protection) updates you can prioritise the implementation of security patches and other defences against threats and receive reports on patching progress.


AppDetective is a vulnerability assessment scanner that inspects database applications and assesses their level of security. It can find, inspect, report on and even fix security holes and 'mis-configurations', working with Oracle, Microsoft SQL Server and MSDE, Sybase, IBM DB2, MySQL and Lotus Notes/Domino databases. AppDetective will build a complete inventory of such applications and can then perform a complete security audit by logging in to each and analysing patch levels, configuration settings and password strength. Sadly, a serious threat is that of internal attack and AppDetective's detailed analysis can tell an organisation how susceptible it is to this type of abuse.


Application Security also runs a research arm specialising in application vulnerability assessment and prevention. Team SHATTER (a welcome abbreviation of Security Heuristics of Application Testing Technology for Enterprise Research) researches anything that could compromise security and you can join its R&D mailing list from the AppSec web site.

The company also runs an on-line test area called the Hosted Evaluation Lab where you can try out DbProtect. You can run evaluations at your own pace in a secure virtual enterprise deployment where you can simulate various database audits, attack scenarios and security exploits.

What is it like to drive?

It is worth bearing in mind that DbProtect is a tool for the technically competent. If you are expecting a wizard driven, cuddly, GUI from which you can select well understood options and have your security magically checked and fixed, then you will be disappointed. In order to drive it, you are expected to know and type in a reasonable amount of configurational data about your servers and network. We're not for a minute suggesting that this is beyond our readership, just that the development team at Application Security has focused more on the functionality than on making the product cute and easy to drive. So don't give it to a student on the first day of their placement.


Do I like DbProtect? I think it is fabulous. For all of the reasons outlined above, I am delighted with the idea that I can 'employ' a security expert to watch my databases enabling me more time to focus on the data and the data structure. That alone is going win DbProtect more than a few fans.


Protecting your databases takes effort and there's no escape from that. It will obviously take investment of money, time and effort to install and learn software such as DbProtect, but once you've made the investment you'll be in a much better position to secure your valuable data.

OS: Centralized Management Interface runs under Microsoft Windows Server 2003, Microsoft Windows 2000 Server

Browser: Internet Explorer 6.0, 6.5, 7.0

Processor: Intel Pentium 1 GHz

Memory: 1GB RAM

Hard Drive Space: 150MB for program files, 3GB minimum for data repository database

Database requirements: Microsoft SQL Server 2000 SP4/2005 for data repository.

Databases supported: MySQL, Oracle Database, Sybase ASE, IBM DB2 UDB, Microsoft SQL Sever, Lotus Notes/Domino, Oracle Application Server 9iAS

Featured Resources

The 3D skills report

Add 3D skills to your creative toolkits and play a sizeable role in the digital future

Free Download

The increasing need for environmental intelligence solutions

How sustainability has become a major business priority and is continuing to grow in importance

Free Download

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

Solve global challenges with machine learning

Tackling our word's hardest problems with ML

Free Download

Most Popular

Windows 10 users locked out of devices by unskippable Microsoft 365 advert

Windows 10 users locked out of devices by unskippable Microsoft 365 advert

3 Feb 2023
Why energy efficient technology is key to a sustainable business

Why energy efficient technology is key to a sustainable business

16 Jan 2023
What's powering Britain’s fibre broadband boom?
Network & Internet

What's powering Britain’s fibre broadband boom?

3 Feb 2023