[July 20, 2011]

Application Security, Inc. To Support July Oracle Critical Patch Update

Application Security, Inc. (AppSecInc), the leading provider of database security, risk and compliance solutions (SRC) for the enterprise, today announced that TeamSHATTER researcher, Esteban Martinez Fayo has been credited by Oracle (News - Alert) for discovering and reporting eleven vulnerabilities disclosed in the July 2011 Oracle Critical Patch Update (CPU). In addition, this quarter Martinez Fayo also was recognized as a Security-in-Depth contributor for Oracle. Individuals are recognized for Security-In-Depth contributions if they provide information, observations or suggestions pertaining to security vulnerability issues that result in significant modification of Oracle code or documentation in future releases.

The July CPU contains a total of 78 security vulnerability fixes across multiple Oracle products. Sixteen fixes are specific to the Oracle database server and three are for Oracle Secure Backup.

TeamSHATTER's researchers have been credited for reporting vulnerabilities in 25 of the last 27 quarters. The TeamSHATTER vulnerability knowledgebase is the largest and most up-to-date offering of its kind. By identifying and remediating critical database vulnerabilities, TeamSHATTER helps to ensure that AppSecInc customer data is safe from internal and external threats.

"I'm happy to see Oracle is fixing more database vulnerabilities than they have in previous CPU's, but I'm disappointed to see how many vulnerabilities are being found in supposedly secure add-ons, like Secure Backup, Database Vault and th Oracle Enterprise Manager Grid Control," said Alex Rothacker, Director of Security, AppSecInc's TeamSHATTER. "We encourage all Oracle users to apply the patches and implement compensating controls such as activity monitoring and blocking as soon as possible to prevent the exploitation of these known vulnerabilities."

AppSecInc supports every Oracle CPU by updating its market-leading solutions, AppDetectivePro for auditors and IT advisors and DbProtect for the enterprise with the appropriate scanning checks and monitoring filters through its monthly ASAP Update™ (Application Security (News - Alert) Automatic Protection) process. DbProtect updates will include monitoring filters for the new security vulnerabilities, enabling customers to protect sensitive information during the deployment of new patches across their database infrastructure.

About TeamSHATTER

TeamSHATTER, the research arm of Application Security, Inc., is the largest dedicated database security, vulnerability and misconfiguration research team in the world. TeamSHATTER maintains the most comprehensive knowledgebase of database vulnerability and misconfiguration checks in the industry and understands how to make security an integral part of an enterprise's database security and network management infrastructure. TeamSHATTER regularly publishes security advisories, technical papers, and research information on www.TeamSHATTER.com.

About Application Security, Inc.

AppSecInc is a pioneer and leading provider of database security, risk and compliance (SRC) solutions for the enterprise. By providing strategic and scalable software-only solutions - AppDetectivePro for auditors and IT advisors, and DbProtect for the enterprise - AppSecInc supports the database SRC lifecycle for some of the most complex and demanding environments in the world across more than 2,000 commercial and government customers.

Leveraging the world's most comprehensive database security knowledgebase from the company's renowned team of threat researchers, TeamSHATTER, AppSecInc products help customers achieve unprecedented levels of data security from nefarious or accidental activities, while reducing overall risk and helping to ensure continuous regulatory and industry compliance.

For more information, please visit: www.appsecinc.com | www.teamshatter.com

For a free database vulnerability assessment visit:

http://www.appsecinc.com/downloads/appdetectivepro/

Follow us on Twitter (News - Alert): www.twitter.com/appsecinc | www.twitter.com/teamshatter

DbProtect and AppDetectivePro are trademarks of Application Security, Inc. All other product names, service marks, and trademarks mentioned herein are trademarks of their respective owners.

[ Back To TMCnet.com's Homepage ]