Cigital, Inc. Selects Application Security, Inc. for Database Assessment and Audit Engagements

Leading Software Security Consultancy Deploys AppDetectivePro to Increase Database Assessment Efficiency and Ensure Continuous Compliance

NEW YORK - May 25, 2010 - Application Security, Inc., the leading provider of database security, risk and compliance solutions (SRC) for the enterprise, today announced that Cigital, Inc., a consulting firm specializing in software security and quality, has selected AppDetectivePro™ for database vulnerability assessment. Cigital has deployed AppDetectivePro's agentless database scanning technology in large database environments across multiple client engagements to assess potential vulnerabilities and review user entitlements.

Cigital has enabled some of the most well-known Fortune 500 organizations and government agencies to reduce their mission-critical software business risks. Together, the robust capabilities of AppDetectivePro and the security expertise of Cigital enable a comprehensive approach to critical security projects such as software reviews, best practices and automation for software testing, secure Software Development Lifecycle (SDLC) implementation, portfolio risk analysis, and software security training.

"By leveraging the world's largest database vulnerability knowledgebase, AppDetectivePro allows us to provide a comprehensive database risk assessment as part of our IT Security consulting engagements," said Aaron Ingram, Technical Manager, Cigital, Inc. "AppDetectivePro's, automated database scanning capabilities significantly reduce the time and resources required to complete an assessment and enable us to focus on helping our clients ensure their applications are secure and reliable, while also improving their software deployments." 

With tens of thousands of licenses shipped worldwide, AppDetectivePro is the de facto standard audit and assessment solution for database security, risk and compliance.  AppDetectivePro discovers, examines, reports and proposes fixes for database security vulnerabilities and misconfigurations.  Because it is agentless, AppDetectivePro can be rapidly implemented and provide immediate time to benefit.  The solution provides auditors, IT advisors and internal audit teams with detailed compliance reports and a comprehensive view of an organization’s database asset inventory, vulnerability profile, access controls and entitlements to sensitive information.

"In conducting enterprise-scale security assessments, Cigital is responsible for assuring the proper configuration and deployment of software designed to protect sensitive information," said Rob Chapdelaine, vice president, worldwide sales and distribution, Application Security, Inc.  "AppDetectivePro increases reliability and improves the efficiency of assessments and audits of database entitlements and vulnerabilities for Cigital’s global client engagements."

 About Application Security, Inc.
AppSec is the leading provider of database security, risk and compliance (SRC) solutions for the enterprise.  AppSec’s agentless approach - AppDetectivePro for auditors and IT advisors, and DbProtect for the enterprise - delivers the industry’s most scalable database SRC solution and is in use around the world in the most demanding environments by over 2,000 customers.  The company was named to Inc. Magazine’s 2007 (Inc. 500) and 2008 list of America’s Fastest Growing Private Companies, and was also named to the 2008 Deloitte Technology Fast 50 by Deloitte & Touche.

For a free database vulnerability assessment visit http://www.appsecinc.com/downloads/appdetectivepro/

For more information, please visit www.appsecinc.com.

Contact:
Kelly Kane                                                                               
Application Security, Inc.                                                           
kkane@appsecinc.com     
781-687-1023