Rimini Street has launched Rimini Protect, a new suite of security solutions that is always on and provides a layer of security that surrounds and protects enterprise IT infrastructure and applications.
Rimini Street has provided “zero-day” security solutions for our clients’ enterprise software applications, middleware, and databases, and these solutions are now available with additional new offerings in the new Rimini Protect suite.
Security protection is a top priority
A data breach can harm organizations and their customers or constituents, in 2021 alone, there were 623 million ransomware attacks. The average cost of a data breach is $4.2 million and 25% of all data breaches are motivated by espionage or stealing commercial information. The downtime and remediation of a security breach may be monetarily costly, but often the reputational damage does more harm to an organization.
The bad actors who want to steal data and disrupt operations can attack from a myriad of vectors that target multiple system layers and components. In a world of continuously evolving cybersecurity threats, new vulnerabilities are identified regularly – and there are always the risks of unidentified vulnerabilities as well. Organizations must invest in security solutions that both prevent breaches and also provide “zero-day” protection against vulnerabilities before they can be exploited. The first time a vulnerability is exploited it is called a “zero-day” attack.
Some organizations still primarily rely on reports and patches from their software vendor for protection against attacks, but this strategy may have several shortcomings:
- Dangerous limitations – do not address custom code, unsupported releases, or unknown vulnerabilities
- Not timely – can take weeks, months, or even years to be delivered by a software vendor – and sometimes no patch is provided at all
- Labor-intensive – may require a product or technology upgrade and might need to be regression tested before rolling into production
- Ongoing risk – may not be adequate to sufficiently protect against an identified vulnerability
Rimini Street is already a trusted partner for security
Organizations trust Rimini Street with supporting their mission-critical applications and data, and many of those clients have already expanded their Rimini Street relationship to include security solutions. The Rimini Street security portfolio, includes solutions for protecting clients’ Oracle and SAP applications, middleware, and databases.
Defense in depth protections are essential
Organizations should build and maintain multiple layers of security – including protecting the database layer where critical data is stored – as a part of a “Defense in Depth” cybersecurity strategy.
Rimini Protect enhances a “Defense in Depth” strategy with full-stack solutions to achieve zero-day security protection against the threat of known and unknown, unreported vulnerabilities. Rimini Protect includes layered application and database security software and service solutions:
Rimini Street Advanced Application and Middleware Security, which protects against both known and unknown vulnerabilities using Java Runtime detection and remediation before attacks reach their intended target, including releases that are no longer fully supported by the vendor.
Rimini Street Advanced Database Security, a database security solution, helps protect databases from known and unknown vulnerabilities by continuously monitoring and analyzing shared memory.
Rimini Protect for SAP Applications is a fully managed service providing shields that remediate applications’ vulnerabilities at speed and scale without touching a line of code, protecting from even sophisticated attacks.
Global Security Services are delivered by Rimini Street security engineers who help organizations maintain the most complete and hardened cybersecurity posture possible in consideration of their particular circumstances. These services include security assessments, hardening and configuration guides, security roadmaps and security vulnerability analysis reports (SVARs).
Software vendor patching is dated and insufficient protection
According to an Aberdeen Group market research report, “traditional patching is a process that never ends” because technology stacks continue to become more complex and the volume and frequency of vendor-supplied software patches are too overwhelming for IT staff to manage. In contrast, virtual patching “refers to establishing a policy enforcement point that is external to the resource being protected and designed to identify, intercept, and remediate exploits of vulnerabilities before they reach their target.”
“Enterprises that rely on dated software vendor patching models still find themselves vulnerable to attacks because patches address only known vulnerabilities. They do not protect against unknown vulnerabilities. Rimini Protect is one of the many innovative solutions from Rimini Street that help our clients take a smart path with their technology portfolio,” said Gabe Dimeglio, vice president and executive advisor, security at Rimini Street.
“Rimini Protect goes well beyond typical software vendor patching to protect the entire environment of applications, middleware and databases using active security controls that monitor activities in real-time to identify malicious actions and proactively block processes that attempt to exploit known and new zero-day vulnerabilities.”, Dimeglio continued.