A penetration test reporting “no vulnerabilities found” might actually have been frighteningly close to owning you
San Diego, CA (PRWEB) June 13, 2013
DB Networks, an innovator of database security equipment, today announces the release of “How to Instrument for Advanced Web Application Penetration Testing”. The white paper is available for download at dbnetworks.com. Organizations currently use both penetration testing and application code scanning to identify security vulnerabilities in web applications. While neither approach is perfect, both do identify many issues developers need to address. Still, there’s no question that important vulnerabilities are being missed due to a lack of advanced instrumentation.
This white paper describes a new way to identify your most critical web application vulnerabilities faster and at lower cost by augmenting your penetration testing, vulnerability assessment, or dynamic application testing with deep visibility at the database tier. Instrumenting during web application penetration testing provides valuable insights into which exploits are actually penetrating your web applications and attempting to access your critical database assets. Without this instrumentation a penetration test reporting “no vulnerabilities found” might actually have been frighteningly close to owning you, but neither you nor the professional penetration tester would know precisely how close. In-depth visibility into the database tier highlights these “near misses” that require immediate attention.
About DB Networks
DB Networks is innovating complex behavioral analysis technology for database security. Developed for organizations who need to protect their data from advanced attacks, DB Networks ADF-4200 is an effective countermeasure against SQL Injection and database Denial of Service attacks. Traditional signature-based blacklisting security strategies have proven inadequate in addressing today's sophisticated database threats. Advanced threats are targeting databases for financial gain and to steal valuable corporate intellectual property. These attacks happen rapidly - in a matter of minutes - and bypass traditional security measures.
DB Networks is taking a very different approach through the use of behavioral analysis technology to automatically learn each application's proper SQL transaction behavior. Any SQL transaction which deviates from the established behavioral model immediately raises an alarm as an attack. This approach has proven to be highly accurate and able to identify extremely advanced database attacks. DB Networks is a privately held company headquartered in San Diego, California.
DB Networks is a registered trademark of DB Networks, Inc.
All other brand or product names are trademarks or registered trademarks of their respective holders.