Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "July 2008 Critical Patch Update is out - a remote un-authenticated exploit revealed"] [Next entry: "July 2008 Critical Patch Update (CPU) is the first to use CVE-ID numbers"]

Sentrigo release Hedgehog vPatch

Sentrigo have released a new version of Hedgehog called vPatch.

Basically, it’s the same Hedgehog product but without the ability to create custom policies. After installation, without any configuration by the customer, Hedgehog vPatch will protect the database from known (and some 0day) attacks. This will help the customers to bridge the gap between CPU release and actual deployment.

From a commercial point of view, this offering is subscription based and costs $750 for a yearly subscription.

From my companies perspective I am excited as the UK reseller for Sentrigo as I have already said in a post "Sentrigo Hedgehog" that I am impressed by this product.

Everywhere I go, people engage me in conversations around CPU's and application of CPU's. In my experience it is getting better but let's not get carried away, most people are not patching quickly or at all. There is a change in direction but it is like a supertanker changing direction. Whilst i agree that the best option is to patch we have to be realistic and note that people do not patch or do not patch quickly so a product like vPatch is a good solution.

If anyone has any questions either about the enterprise version or the new vPatch then please let me know, also please feel free to download a free 14 day trail copy of the enterprise edition and see how easy it would be configure and use in your own organisations.