AppSentry™ for the Oracle E-Business Suite
detects security risks and vulnerabilities within Oracle Applications
and its technology stack – database, application server, web
server, and operating system. With over 300 audits and checks specifically
written for Oracle Applications, AppSentry automates and streamlines
the identification of vulnerabilities to an extent not previously possible.
Vulnerability Testing (External)
AppSentry uses advanced penetration testing techniques
to discover security risks in the operating system, web servers, application
servers, databases, and application. Tests for known exploits and configuration
errors are performed externally to the application in an attempt to
break-in. Common and well-known network ports, web server directories,
and database accounts are probed to identify vulnerabilities in the
configuration. Many of the tests are specific to the Oracle E-Business
Suite, thus missed by most other security scanners. The password module
will brute-force operating system, web server, database, and application
authentication using either default passwords, dictionary attacks,
or a password list.
Application Validation (Internal)
AppSentry knows the application it is validating – its
technology and data model. The security audits and checks are written
specifically for the application – the Oracle E-Business Suite.
Application validation looks at the entire application configuration
and transaction processing to identify security risks and possible
fraud. By pinpointing weaknesses in auditing and alerting to suspicious
activity, AppSentry can spot risks missed by traditional vulnerability
testing.
Overview