NIAP: Compliant Product
NIAP/CCEVS
Compliant Product - Trustwave AppDetectivePRO version 10.2

Certificate Date:  2023.09.20

Validation Report Number:  CCEVS-VR-VID11306-2023

Product Type:    Application Software

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Application Software Version 1.4

CC Testing Lab:  Acumen Security


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


Product Description

AppDetectivePRO (also referred to as ADP) is application software that performs scanning of databases as configured by authorized users. Authorized administrators configure the list of Windows users that may use the ADP application. Authorized users then configure databases (assets) to be scanned, associate policies applicable to each database, and review the results of the scans.

All interactions of administrators and users with the TOE are via a GUI provided by the ADP application. The TOE performs automated scanning of the configured databases hosted on the same Microsoft Windows 10 instance. The scanning functionality is referred to as the Scan Engine.


Evaluated Configuration


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the Evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 5, April 2017. The product, when delivered and configured as identified in the Trustwave AppDetectivePRO v10.2 User Guide, July 2021 document, satisfies all of the security functional requirements stated in the AppDetectivePRO v10.2 Security Target, Version 1.9, September 20, 2023. The project underwent CCEVS Validator review. The evaluation was completed in September 2023. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11306-2023) prepared by CCEVS.


Environmental Strengths

The TOE provides the security functionality required by [SWAPP].

3.1 Cryptographic Support

The TOE does not generate keys, use a DRBG or store credentials.

3.2 User Data Protection

The TOE ensures that all sensitive application data is encrypted and protected. The TOE does not maintain sensitive information repositories and it restricts its access only to network connectivity. The TOE restricts inbound and outbound network communications only to user-initiated network communication for scanning configured databases.

3.3 Security Management

The TOE does not come with any default credentials. The user installing the TOE is automatically configured as an authorized Administrator.  Administrators may authorize additional users to execute the ADP application.  Authorized users may use the ADP application to manage Assets and Policies and execute scans.  Scan results may also be viewed.

3.4 Privacy

The TOE itself does not contain or transmit any PII.

3.5 Protection of the TSF

The TOE employs several mechanisms to ensure that it is secure on the host platform. Only documented platform APIs are used by the TOE. The TOE never allocates memory with both write and execute permission. Evaluated platform functionality is used to verify the TOE version and perform updates.

3.6 Trusted Path/Channels

The TOE does not transmit sensitive data.


Vendor Information


Trustwave Holdings Inc
Anirban Chowdhuri
312-873-7500
N/A
achowdhuri@trustwave.com

www.trustwave.com