Oracle Software Security Assurance

Oracle Software Security Assurance program ensures that Oracle products meet or exceed customers' security requirements, while also providing for the most cost-effective ownership experience. Oracle Software Security Assurance also delivers:

• Maximum security—Security best practices are used throughout development. Resistance to threats is reassessed on a regular basis. Vulnerabilities are addressed through the Critical Patch Update
• Lower administration costs—Oracle provides a detailed roadmap for its quarterly patch issuance. Defined with customers' input, the Critical Patch Update calendar is designed to avoid typical "blackout dates" during which customers cannot alter their production environments
• Reduced threat level—Oracle controls the dissemination of sensitive vulnerability information. Oracle does not develop or distribute exploit code, which could be used maliciously outside of a research environment.

• Strong security standards, automated testing tools, and standard security libraries are consistently implemented throughout the development organization
• Oracle releases patches for all of its products on a quarterly basis. Detailed information can be found on the Oracle Technology Network
• Oracle is the undisputed market leader in formal security evaluations with an impressive list of major certifications
• Security best practices, checklists, and technical guides can be found on the Security Technology Center
• Find more information, including analyst reports, executive blogs, white papers, and much more in the Oracle Software Security Assurance resource library