Global Software Security Services and Management

Proactive, Tailored, and Intelligent Software Security Services and Solutions

Cybersecurity is a priority for businesses in every sector, but budget constraints and the shortage of talent make it challenging for organizations to maintain a consistent and proactive security posture. Vendor security patching, which requires regression testing and system downtime, is both labor- and time-intensive, sometimes forcing companies to delay patching. This can leave them exposed or behind schedule in implementing their own best practices or software security guidelines.

The Rimini Street Global Security Services team delivers software security services to help clients deploy a holistic, layered security model across the enterprise, providing actionable security intelligence designed to reduce potential exposure.

Services

Security Case Resolution

Log security cases either online or directly with an assigned Primary Support Engineer (PSE).

Security Advisory Services

Help improve security for applications, databases, and the supporting IT environment.

Security Alerts

Get rapid response communication of new threats, with identification details and recommended mitigation.

Security Configuration Analysis

Benefit from state-of-the-art security audit tools to help fine tune and optimize configurations to secure systems.

Strategic Security Roadmap

Establish a security roadmap to help minimize security gaps and work toward continually improving processes in alignment with the latest best practices and software security guidelines.

Security Assessment

Understand the security posture of software and leverage guidance for improving processes and infrastructure.

Additional Security Solutions

Advanced Database Security

Help protect databases from known and unknown vulnerabilities by employing virtual patching to block attempted attacks before they reach the database.

Learn more

Advanced Application and Middleware Security

Get real-time, zero-day vulnerability protection to safeguard Oracle and SAP applications and middleware using Java run-time detection and remediation.

Learn more

Why Rimini Street

Rimini Street understands the constantly evolving threat landscape and the need for comprehensive software security services, and provides experienced engineers to help clients meet security objectives.

Better model

Rimini Street makes a significant investment in its ISO information security management system and certification and has achieved a perfect ISO 27001 information security certification score for six consecutive years. Clients and partners across the globe have confidence knowing that Rimini Street has an extensive security and compliance framework and software security services staff, and is committed to the confidentiality, integrity, and availability of their data.

Better people

The Rimini Street Global Security Services team is staffed with senior security professionals with an average of 20+ years of experience in enterprise software security services and adherence to software security guidelines and best practices.

Better outcomes

Our team of CISOs, product strategists, and security engineers have experience meeting the needs of nearly 3,400 clients, including the Fortune 500 and highly regulated, high security-clearance clients such as nuclear power plants and defense contractors.

Compare the value

There can be significant risks and challenges in the dated vendor security patch and update model. Rimini Street believes a vendor patch-centric security model may put licensees at risk with a false sense of comprehensive security protection.

	Rimini Street Advanced Security Solutions	Traditional Vendor Patching
Protects against known and unknown vulnerabilities without taking systems offline	Yes – protects against both known and unknown vulnerabilities including “zero day” exploits without taking systems offline	No – protects only against known vulnerabilities and requires downtime to apply patches
Updates are published within 24-72 hours after a vulnerability is published.	Yes – if required, updates are available within 24-72 hours after an exploit goes public	No – vulnerabilities may go months or years after they are discovered before a vendor patch is released¹
Popular, older releases are protected	Yes – virtual patching protects older releases no longer fully supported by the vendor	No – vendor patches are generally not available for popular, older releases
No need for costly regression testing due to software code changes	Yes – virtual patching is external to the software, does not require extensive regression testing or system downtime, and does not cause code-related problems	No – patching changes software code, requires significant testing and downtime, and can cause potential system problems
Updates are applied seamlessly, speeding time-to-protection and reducing workload	Yes – updates can be automatically applied, providing immediate protection	No – licensees can be 14-18 months behind in patching²
Ability to monitor, report, and alert attempted attacks	Yes – monitoring, reporting, and alerts are provided to improve security posture	No – no monitoring or reporting, and alerts on attempted malicious behavior or actions are not typically provided
Multi-vendor solution	Yes – Rimini Street Security Solutions protect Oracle, SAP, IBM, and Microsoft databases, applications, and middleware	No – a vendor’s patches only protect its software and frequently protect- only specific releases
¹https://www.oracle.com/security-alerts/cpuapr2020.html Oracle’s April, 2020 CPU release included two patches for 2016 Oracle DB CVEs and two patches for Middleware CVEs from 2016, and another from 2015. ²https://www.lightreading.com/security/security-takes-the-stage-at-oracle-industry-connect/d/d-id/731469.

Featured Clients

View All Clients

“I would not hesitate to reach out to the Rimini Street Global Security Services team again. They were quickly able to identify the problem and lead us to an effective solution that mitigates Java deserialization with WebLogic.”

Jeff Bell Chief Information Security Officer

Learn more

“Virtual patching is proactive and immediate. We don’t have to sit around and wait for something to happen before we get sent a vendor patch months later.”

Mark Brockman Executive Director of Information Technologies

Learn more

“We turned to independent support to help reduce costs and improve service. With a virtual patching strategy recommended by Rimini Street Global Security Services, we found we could also significantly boost database security and reduce overall risk.”

Ron Traub Senior Operations Manager

Learn more

Additional Resources

Datasheet

Rimini Street Advanced Database Security

Rimini Street Advanced Database Security is a next-generation database security solution enhanced with technology from McAfee that protects databases from known and unknown vulnerabilities by monitoring and analyzing database memory, and blocking attempted attacks using virtual patching before they reach the database.

Download

Datasheet

Rimini Street Advanced Application and Middleware Security

Zero-day protection for Oracle and SAP applications and middleware

Download

Datasheet

Rimini Street Global Security Services

Proactive, intelligent services and solutions tailored to your security profile

Download

Whitepaper

Securing Your Systems with a Next-Generation Layered Security Strategy

Times have changed for security, and it’s important to ensure you apply the correct controls to enterprise systems. Security breaches involving highly visible companies such as Equifax and JPMorgan Chase are in the news constantly, but each day many lesser-known organizations struggle to remediate security risks and deal with attacks. Fortunately, there are low hanging fruit which will improve your security program and address the highest priorities. Securing enterprise applications and databases need not be overly complicated, but it does take planning. Modern security solutions provide the fast, comprehensive and easy-to-deploy vulnerability protection needed in today’s complex, multi-vendor technology landscape. The good news is you can take advantage of modern and proven solutions, knowledge and best practices to reduce risk for your applications and databases. This paper examines how you can improve your security program to address the highest priorities – providing insight into the five essential areas that demand your attention. You can employ them to improve your security posture as part of a holistic approach.

Download

This website has been built using modern web standards not fully supported by your browser. Please consider updating your browser.

Upgrade Today

Need

Software Supported

Support Services

Rimini Street Support Program Features

Clients by Industry

Turning Savings Into Business Solutions: How Rimini Street Clients Fuel Their Business-Driven Roadmap

Clients by Software Supported

Turning Savings Into Business Solutions: How Rimini Street Clients Fuel Their Business-Driven Roadmap

Resource Library

Gartner Research Report − Predicts 2020: Negotiate Software and Cloud Contracts to Manage Marketplace Growth and Reduce Legacy Costs

Blog

Adopting a “Shift Left” Strategy to Transform Technology Support Services

About Us

Valoir Report: Third-Party Support Goes Mainstream

Rimini Street Advantage

Rimini Street Company Overview Brochure

Global Security Services

Proactive, Tailored, and Intelligent Software Security Services and Solutions

Services

Security Case Resolution

Security Advisory Services

Security Alerts

Security Configuration Analysis

Strategic Security Roadmap

Security Assessment

Additional Security Solutions

Advanced Database Security

Advanced Application and Middleware Security

Why Rimini Street

Better model

Better people

Better outcomes

Compare the value

Rimini Street Advanced Security Solutions

Traditional Vendor Patching

Protects against known and unknown vulnerabilities without taking systems offline

Yes – protects against both known and unknown vulnerabilities including “zero day” exploits without taking systems offline

No – protects only against known vulnerabilities and requires downtime to apply patches

Updates are published within 24-72 hours after a vulnerability is published.

Yes – if required, updates are available within 24-72 hours after an exploit goes public

No – vulnerabilities may go months or years after they are discovered before a vendor patch is released1

Popular, older releases are protected

Yes – virtual patching protects older releases no longer fully supported by the vendor

No – vendor patches are generally not available for popular, older releases

No need for costly regression testing due to software code changes

Yes – virtual patching is external to the software, does not require extensive regression testing or system downtime, and does not cause code-related problems

No – patching changes software code, requires significant testing and downtime, and can cause potential system problems

Updates are applied seamlessly, speeding time-to-protection and reducing workload

Yes – updates can be automatically applied, providing immediate protection

No – licensees can be 14-18 months behind in patching2

Ability to monitor, report, and alert attempted attacks

Yes – monitoring, reporting, and alerts are provided to improve security posture

No – no monitoring or reporting, and alerts on attempted malicious behavior or actions are not typically provided

Multi-vendor solution

Yes – Rimini Street Security Solutions protect Oracle, SAP, IBM, and Microsoft databases, applications, and middleware

No – a vendor’s patches only protect its software and frequently protect- only specific releases

1https://www.oracle.com/security-alerts/cpuapr2020.html Oracle’s April, 2020 CPU release included two patches for 2016 Oracle DB CVEs and two patches for Middleware CVEs from 2016, and another from 2015.

Featured Clients

Additional Resources

Rimini Street Advanced Database Security

Rimini Street Advanced Application and Middleware Security

Rimini Street Global Security Services

Securing Your Systems with a Next-Generation Layered Security Strategy

Improve your organization's security posture.

Contact us to learn more.

No – vulnerabilities may go months or years after they are discovered before a vendor patch is released¹

No – licensees can be 14-18 months behind in patching²

¹https://www.oracle.com/security-alerts/cpuapr2020.html Oracle’s April, 2020 CPU release included two patches for 2016 Oracle DB CVEs and two patches for Middleware CVEs from 2016, and another from 2015.