The U.S. Department of Justice (DOJ) is utilizing Application Security, Inc.'s (AppSecInc) vulnerability assessment scanner, AppDetective, to reduce and manage database vulnerabilities throughout the agency.

Speaking about the decision to deploy AppSecInc's solution, Dennis Heretick, chief information security officer for the DOJ said, "Our philosophy is one of building security into the operational process and building our validation testing into the implementation process. Tools such as AppDetective allow us to identify vulnerabilities in the [database] application and then verify that we have corrected them."

AppDetective locates, examines, reports and fixes security holes and misconfigurations -- as a result, enterprises and government IT groups can proactively harden their database applications while improving and simplifying routine audits.

Jack Hembrough, president and CEO of AppSecInc, said, "By establishing database controls, documenting their status, and promptly identifying violations, AppSecInc helps government organizations define best practices, document continuous improvement, and ensure prompt incident response -- the hallmarks of any demonstrable, repeatable and effective compliance effort."