Justice adopts vulnerability scanner

The Justice Department has adopted Application Security's AppDetective scanner to check for and reduce database vulnerabilities throughout the department.

AppDetective is designed to locate, report and fix security gaps and misconfigurations as it scans databases.

The FBI and several other Justice agencies have used the scanner since March 2004 to monitor their databases and correct vulnerabilities, according to a company announcement. But now AppDetective will become the standard assessment scanner departmentwide, the company said.

A department spokeswoman confirmed Justice’s adoption of the scanner system.

“Our philosophy is one of building security into the operational process and building our validation testing into the implementation process,” said Dennis Heretick, chief information security officer at Justice, in the statement. Such tools help the department identify weaknesses in databases and verify when they have been corrected, he added.

In February, the company introduced AppRadar 3.0 to help administrators prevent application vulnerabilities in real time while ensuring strict adherence to regulatory requirements.

When deployed together, AppDetective and AppRadar help information technology organizations address their vulnerability identification and remediation concerns, the company said.