AppSentry Overview

AppSentry is a new generation of security scanner and vulnerability assessment tool. Unlike other security scanners, AppSentry knows the application it is validating – its technology and data model. The security audits and checks are written specifically for the application being tested. Hackers and mischievous employees often exploit security issues at different layers of the technology stack, thus only a complete and comprehensive security validation will uncover all risks in a multi-tiered environment

The advantage of AppSentry is you don't need separate tools for the operating system, web server, database, and application. AppSentry is a single tool that can validate and audit the security of the entire application technology stack from operating system to application layer.

AppSentry Features

Database and ERP Applications

Audits and checks all your key databases and ERP applications

Simple to Use

Task oriented GUI doesn't require database security expertise

Powerful Reporting

Findings, recommendations, exportable, compliance mappings (PCI, HIPAA, SOX, …)

ERP Full Stack

Audits the entire ERP application technology stack including database, application server, and application

Security Eco-System Integration

Integrates with your existing security and database tools

Zero Impact

Agentless installation with no performance impact

AppSentry Checks and Audits

AppSentry performs over 1,000 security audits and checks against the Oracle Database, Microsoft SQL Server, Oracle Fusion Middleware, and Oracle E-Business Suite. All technology components – operating system, web server, application server, and database – are analyzed as well as the application. The audits and checks are internal and external; some are performed through penetration testing while others are performed by accessing the file-system, database, and application.

Here is a sample of a few of the 1,000+ checks AppSentry performs -

Operating System

Standard Oracle accounts

UNIX and Windows security patches

Web Server

Apache configuration (http.conf)

Apache logging (http.log)

Apache virtual directories

Apache and JServ security patches

SSL configuration

Oracle support cgi-bin scripts

PLSQL Cartridge exploits

Application Server

Forms and reports security patches

SSL configuration

Database

Database accounts

Listener exploits

Database auditing (SYS.AUD$)

Database security patches

APPS permissions

APPLSYSPUB permissions

Database links

Oracle E-Business Suite

Application accounts

Users with Sysadmin responsibility

Application’s security patches

Application auditing

Password related profile options

AppSentry Specifications

AppSentry Targets

Oracle E-Business Suite 11.5.7 - 11.5.10 CU2

12.0

12.1

12.2
Sun Solaris (SPARC)

HP (HP/UX)

IBM (AIX)

Linux (all supported vendors)

Windows Server
Oracle PeopleSoft 

9.1, 9.2

8.50 - 8.57

Sun Solaris (SPARC)

HP (HP/UX)

IBM (AIX)

Linux (all supported vendors)

Windows Server
Oracle Database

8i (8.1.7)

9i (9.0.1, 9.2)

10g (10.1, 10.2)

11g (11.1, 11.2)

12c (12.1, 12.2)

18c (18.3, 18.4)

19c (19.3)

Sun Solaris (SPARC and Intel)

HP (HP/UX and Tru64)

IBM (AIX)

Linux (all supported vendors)

Windows Server
Microsoft SQL Server

2000

2005

2008, 2008 R2

2012

2014

2016

2017

Windows Server 2008/2008 R2

Windows Server 2012/2012 R2

Windows Server 2016

Windows Server 2019

AppSentry requires no software or agents to be installed on the target database or application.  A valid database account with query-only privileges is required for both databases and applications.

AppSentry System Requirements

Operating System

All Java supported operating systems

(Oracle Java, OpenJDK, Amazon Corretto, Azul Zulu)

Browser Chrome, Firefox, Safari, Edge
Processor, RAM, Disk Intel Pentium or AMD CPU

1 GB RAM

2GB Free Disk Space
Database Drivers

AppSentry requires no database

drivers to be installed on either

the AppSentry server or target database

AppSentry Information