Back

Rimini Street Announces Launch of Rimini Street Advanced Database Security

Innovative virtual patching provides broad, easy to apply and faster time-to-protect database security as compared to traditional software vendor patching; New product part of Company’s Global Security Services solutions

LAS VEGAS, June 7, 2017 Rimini Street, Inc., a global provider of enterprise software products and services, and the leading independent support provider for Oracle and SAP products, today announced the launch of Rimini Street Advanced Database Security. The product, available today and enhanced with technology from McAfee, one of the world’s leading cybersecurity companies, is a new, next-generation database security solution that protects databases from known and unknown vulnerabilities by monitoring and analyzing database communications traffic, and blocking attempted attacks before they reach the database.

Rimini Street Advanced Database Security provides users with a fast time-to-protect the database in comparison to traditional software vendor patching. Traditional vendor patching is often ineffective due to late patch delivery, complexity to apply code patches, and the expense of regression testing existing code. Rimini Street Advanced Database Security is immediately available for Oracle, SAP, IBM and Microsoft databases under support contracts with Rimini Street.

The Rise of Virtual Patching

Sometimes known as “external patching” or “vulnerability shielding,” virtual patching establishes a protective policy enforcement gateway that is outside the resource being protected and works to identify and intercept attempted exploits of vulnerabilities before they reach their target. With virtual patching, direct modifications to the resource being protected are not required, and updates can be automatic and adapt to continuously evolving threats. When a security attack vector is blocked using virtual patching solutions, traditional vendor software patching can become redundant or irrelevant.

Virtual patching can be more comprehensive, more effective, faster, safer and easier to apply than traditional vendor patching, and provides organizations a faster time-to-protection against vulnerabilities with a more cost-effective solution, without any need to impact production systems. With traditional vendor security patching models, there is an inherent risk that code patches will cause new, unforeseen issues with core business systems. Virtual patching does not require the extensive, time-consuming and costly regression testing that must be performed across every instance and release level, and with each code patch being introduced into mission-critical production systems.

The Fall of Traditional Vendor Security Patching

Security professionals have found that traditional vendor security patching models are outdated and provide ineffective security protection due to late delivery of patches, complexity to apply patches and the expense of regression testing leaving enterprise systems vulnerable for months, sometimes even years. In fact, many companies only apply security patches once per year if at all due to the significant downtime, labor and cost. With a half-life of vulnerabilities being less than 30 days, the majority of cyber-attacks happen before a patch is released by the database software vendor.1

According to the Aberdeen Group:2

  • There is often a significant lag time between the public disclosure of a vulnerability and the availability of a patch from the vendor, which can leave many enterprise systems vulnerable for months.
  • 42% of known database vulnerabilities are not addressed by vendor patching within a year.
  • In addition to the delayed release of patches, the time required and business disruption created in applying vendor delivered security patches leads many organizations to delay or forgo altogether applying these patches.
  • The cost involved to apply the patches to their database environment is also an inhibitor.
  • Research data highlights that for a mid-size company with 100 database instances, the traditional vendor security patching model has a median business cost of around $4 million.

“The new Rimini Street Advanced Database Security product provides a holistic and highly effective level of security protection for database customers of any size in comparison to traditional vendor patching methodologies,” said Brian Day, president, Mercury Technology Group. “We are deploying this virtual patching capability on behalf of joint customers with Rimini Street, and we are impressed with the speed of protection and comprehensive coverage of this integrated database security solution.”

Rimini Street Global Security Services

As part of its robust support services, Rimini Street helps its clients identify, mitigate and protect against security risks and vulnerabilities, and achieve a more secure application and technical environment through strategic consultation, recommendations and partner solutions such as the Rimini Street Advanced Database Security. Launched in 2015, Rimini Street Global Security Services (GSS) is a team of expert security engineers and architects led by Josh Sosnin. Mr. Sosnin has more than 15 years of global experience in information security and IT compliance, and holds various security and audit certifications, including CISSP, CISM, and CISA. Prior to joining Rimini Street, he served as Chief Information Security Officer (CISO) for Aramark (NYSE: ARMK), a $15 billion, Fortune 500 company with nearly 300,000 employees.

“Today we have delivered a comprehensive, cost-effective and advanced database security solution, enhanced with technology from McAfee, that moves past the weaknesses, challenges and pitfalls of traditional vendor security patching,” said Mr. Sosnin. “Rimini Street supports some of the largest companies in the world who are operating some of the most expansive and complex IT infrastructures globally including thousands of database instances. In a world of evolving threats, we are committed to being at the forefront of innovative security strategies and solutions, such as holistic security and virtual patching, both of which are leveraged in our new Rimini Street Advanced Database Security.”

1Qualys Research, “The Laws of Vulnerabilities 2.0,” 2009

2Aberdeen Group, “Beyond the Patch: Reducing the Risk of Database and Application Vulnerabilities,” October 2016 and Aberdeen Group, Virtual Patching and Database Security: An Effective Compensating Control, April 2013

About Rimini Street, Inc.

Rimini Street, Inc. (Nasdaq: RMNI) is a global provider of enterprise software products and services, the leading third-party support provider for Oracle and SAP software products and a Salesforce partner. The Company offers premium, ultra-responsive and integrated application management and support services that enable enterprise software licensees to save significant costs, free up resources for innovation and achieve better business outcomes. To date, more than 3,500 Fortune 500, Fortune Global 100, midmarket, public sector and other organizations from a broad range of industries have relied on Rimini Street as their trusted application enterprise software products and services provider. To learn more, please visit https://www.riministreet.com, follow @riministreet on Twitter and find Rimini Street on Facebook and LinkedIn.

Forward-Looking Statements

Certain statements included in this communication are not historical facts but are forward-looking statements for purposes of the safe harbor provisions under The Private Securities Litigation Reform Act of 1995. Forward-looking statements generally are accompanied by words such as “may,” “should,” “would,” “plan,” “intend,” “anticipate,” “believe,” “estimate,” “predict,” “potential,” “seem,” “seek,” “continue,” “future,” “will,” “expect,” “outlook” or other similar words, phrases or expressions. These statements are subject to a number of risks and uncertainties regarding Rimini Street’s business, and actual results may differ materially. These risks and uncertainties include, but are not limited to, the duration of and economic, operational and financial impacts on Rimini Street’s business of the COVID-19 pandemic, as well as the actions taken by governmental authorities, clients or others in response to the COVID-19 pandemic; catastrophic events that disrupt Rimini Street’s business or that of its current and prospective clients, changes in the business environment in which Rimini Street operates, including inflation and interest rates, and general financial, economic, regulatory and political conditions affecting the industry in which Rimini Street operates; adverse developments in pending litigation or in the government inquiry or any new litigation; Rimini Street’s need and ability to raise additional equity or debt financing on favorable terms and Rimini Street’s ability to generate cash flows from operations to help fund increased investment in Rimini Street’s growth initiatives; the sufficiency of Rimini Street’s cash and cash equivalents to meet its liquidity requirements; the terms and impact of Rimini Street’s outstanding 13.00% Series A Preferred Stock; changes in taxes, laws and regulations; competitive product and pricing activity; difficulties of managing growth profitably; the customer adoption of Rimini Street’s recently introduced products and services, including its Application Management Services (AMS), Rimini Street Advanced Database Security, and services for Salesforce Sales Cloud and Service Cloud products, in addition to other products and services Rimini Street expects to introduce in the near future; the loss of one or more members of Rimini Street’s management team; uncertainty as to the long-term value of Rimini Street’s equity securities; and those risks discussed under the heading “Risk Factors” in Rimini Street’s Quarterly Report on Form 10-Q filed on August 5, 2020 and as updated from time to time by other filings by Rimini Street with the Securities and Exchange Commission. In addition, forward-looking statements provide Rimini Street’s expectations, plans or forecasts of future events and views as of the date of this communication. Rimini Street anticipates that subsequent events and developments will cause Rimini Street’s assessments to change. However, while Rimini Street may elect to update these forward-looking statements at some point in the future, Rimini Street specifically disclaims any obligation to do so, except as required by law. These forward-looking statements should not be relied upon as representing Rimini Street’s assessments as of any date subsequent to the date of this communication.

© 2020 Rimini Street, Inc. All rights reserved. “Rimini Street” is a registered trademark of Rimini Street, Inc. in the United States and other countries, and Rimini Street, the Rimini Street logo, and combinations thereof, and other marks marked by TM are trademarks of Rimini Street, Inc. All other trademarks remain the property of their respective owners, and unless otherwise specified, Rimini Street claims no affiliation, endorsement, or association with any such trademark holder or other companies referenced herein.

Investor relations contact:

Dean Pohl

Rimini Street, Inc.

+1 925-523-7636 dpohl@riministreet.com
Media relations contact:

Janet Ravin

Rimini Street, Inc.

+1 702-285-3532 pr@riministreet.com