Application Security, Inc. to Support Latest Oracle Critical Patch Update for the Oracle Database

Oracle Recognizes Application Security, Inc.'s Team SHATTER for Contribution to Oracle's Latest Database Vulnerability Fixes

NEW YORK â"€ Application Security, Inc., the leading provider of database security, risk and compliance solutions (SRC) for the enterprise, today announced that it will support Oracle's January 2010 CPU (critical patch update) for the Oracle database.

The latest CPU contains 24 security vulnerability fixes across multiple Oracle products, 10 of which are specific to the Oracle database. One of the 10 database vulnerabilities, affecting the Listener component, has been given a CVSS (Common Vulnerability Scoring System) score of 10, the highest vulnerability possible. This vulnerability can also be exploited remotely without authentication. Application Security, Inc. implements support for every CPU ensuring the highest level of protection and performance for Oracle database users.

Since 2004, Team SHATTER, Application Security, Inc.'s leading database security research team has reported over 80 database-related vulnerabilities to Oracle. The company's agentless approach helps Oracle customers streamline database risk assessment and manage critical information assets for successful database audits.

As it does every quarter, Application Security, Inc. uses its monthly ASAP Update™ (Application Security Automatic Protection) process to enhance its market-leading solutions: AppDetectivePro for auditors and IT advisors - and DbProtect for the enterprise with Oracle's CPU. Updates include monitoring filters for new security vulnerabilities, enabling customers to protect themselves during the deployment of new patches across their database infrastructure.

"Application Security, Inc. is committed to providing ongoing research and updates in order to ensure that Oracle customers and our customers are protected from threats to their critical data," said Alex Rothacker, Manager, Team SHATTER, Application Security, Inc. "Our research is instrumental in ensuing that enterprise database environments remain secure and compliant."