评估商业软件。

   AppDetectivePro把检测评估过程分为四个阶段： 

   1．确定要检测评估的数据库，称之为Discovery。

   2．进行模拟黑客外部攻击的渗透测试Penetration Test。

   3．登录数据库进行内部审计测试Audit Test。

   4．生成评估报告。
 
AppDetectivePro is a network-based vulnerability assessment scanner that discovers database applications and assesses their security strength. AppDetectivePro uses industry best practices and proven security methodologies to locate, examine, report on and fix security holes and misconfigurations to protect organizations from internal and external database threats. From within AppDetectivePro, auditors, DBAs and other IT security professionals can leverage a “hacker’s point-of-view” to gain a unique perspective on an organization’s risk posture.  It also ranks vulnerabilities by severity and risk level so that they can be fixed in a timely manner.  

Some benefits to organizations running AppDetectivePro include:

Database discovery (asset/inventory discovery) 
Database penetration testing (non-credentialed, outside in scans, i.e. hacker’s view) 
Database auditing (credentialed scans) 
Job/scan scheduling 
Support for all major database platforms 
Consistent base lining and repeatability 
Significant time savings vs. script based scanning 
Database vulnerability remediation scripts 
Industry leading vulnerability knowledgebase 
Comprehensive reporting including automatic delivery 
Industry leading team of dedicated database vulnerability researchers allowing Application Security, Inc. to update AppDetectivePro every 30 days 
Additionally, AppDetectivePro helps organizations to verify they are following compliance and regulatory requirements, including: PCI Data Security Standard, HIPAA, GLBA, California Security Breach Information Act (SB 1386), Sarbanes-Oxley Act, Basel II, ISO 27001/17799, DISA-STIG, FISMA, NIST 800-53, PIPEDA, Canada’s Bill 198, and MITS.