﻿<?xml version="1.0" encoding="utf-8"?>
<etgov:EmergingTechnology xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:etgov="www.cio.gov/AIC/ETgov/">
  <etgov:ComponentDetails>
    <etgov:ComponentName>DATABASE Vulnerability Assessment, IDS, Security Auditing, Activity Monitoring</etgov:ComponentName>
    <etgov:XMLGenerationDate>2006-12-01</etgov:XMLGenerationDate>
    <etgov:ComponentType>Software</etgov:ComponentType>
    <etgov:ComponentDescription>AppSecInc, the Government's leading database security provider, offers solutions that provide Database Discovery, Vulnerability Assessment, Security Audit, Real-Time Activity Monitoring, Intrusion Detection (IDS), Remediation and Reporting with customizable Federal Policies (STIG, CIS, FISMA, SOX). Ensure compliance on Oracle, SQL, MySQL, DB2, and Sybase platforms. Find and monitor Sensitive Data Extracts, Privileged User Activity, Insider Threat and Attacks in real time. Common Criteria Certification is in process.</etgov:ComponentDescription>
    <etgov:GovernmentBenefits>Database security has become a focus for regulatory and legislative bodies within the federal government over the past year. The federal standards bodies have released several publications requiring agencies to address database security and vulnerability management. The OMB FISMA 2005 Reporting Guidance requires federal agencies to comply with the requirements of these publications. Application Security’s database security suite provides capabilities to perform vulnerability assessment, auditing and activity monitoring at the database. AppSecInc products allow agencies to replace the long, often painful, manual database checklist process with a software application. This reduces implementation time by weeks, even months, depending on the size of the database installation, and provides significant auditing information to satisfy compliance reporting requirements. Application Security is also able to assist with OMB M-06-16 by providing real-time monitoring and reporting of sensitive data extracts from the database.

Databases in the Government are often not even monitored. Since data resides in databases for 99% of its life, one could argue that it is the most important asset to assess and monitor. Application Security fills a niche in the defense-in-depth strategy that is often overlooked.

Our products map directly to NIST 800-53 and DISA STIG.  We also provide Federal policies to make compliance at the database easier.  Application Security has been in process for Common Criteria EAL 2 since May 2006 and certification is anticipated in 2007.

http://www.appsecinc.com/solutions/federal/index.shtml</etgov:GovernmentBenefits>
    <etgov:Categorizations>
      <etgov:Categorization etgov:categorizationScheme="FEA">
        <etgov:ServiceReferenceModelInformation>
          <etgov:ServiceType>Security Management</etgov:ServiceType>
        </etgov:ServiceReferenceModelInformation>
        <etgov:TechnicalReferenceModelInformation>
          <etgov:ServiceArea>Component Framework</etgov:ServiceArea>
          <etgov:ServiceCategory>Security</etgov:ServiceCategory>
          <etgov:ServiceStandard>Supporting Security Services</etgov:ServiceStandard>
          <etgov:ProposedSpecification>Database Security Services</etgov:ProposedSpecification>
        </etgov:TechnicalReferenceModelInformation>
      </etgov:Categorization>
    </etgov:Categorizations>
  </etgov:ComponentDetails>
</etgov:EmergingTechnology>