Security and Vulnerability Support2019-05-22T13:29:50+00:00

People, Processes, and Technology Designed to Defend all Layers of your Oracle and SAP Technology Stack

With the rise in data breaches and the continuing evolution of data protection and privacy regulations, most organizations are challenged to simply keep current in how they secure their businesssensitive data. Vulnerabilities and exposures now come from a variety of external and internal sources, and effective security must address the full technology stack. 

Spinnaker Support understands this and takes your data and application security seriously. This security philosophy is embedded in how we support our customers, and we deliver security solutions designed for your unique set of applications and systems. 

That’s why, in our 2018 Satisfaction Survey, 98% of customers who cited security as an issue reported that their security level was the same or improved after moving to Spinnaker Support.  

Security Is in Everything We Do 

As a global leader in third-party Oracle and SAP support, Spinnaker Support delivers best-in-class service for considerable savings on annual support fees. Database and application security and vulnerability services have been a component of our standard support since inception in 2008, and we are continuously evolving and expanding our capabilities in these areas. 

At Spinnaker Support, we strongly believe: 

  1. Effective security must address the entire technology stack. 
  2. Full protection requires a proven process and flexible toolset.  
  3. Tailored security is the best protection for our customers. 

Combining proven processes, security products, and a staff of industry experts, Spinnaker Support continuously investigates issues and hardens and protects our customers’ application environments, delivering timely fixes and remediations throughout your customer experience. 

Spinnaker Support’s Seven-Point Security Solution 

At Spinnaker Supportwe reject the one-size-fits-all approach of software publishers and focus instead on working collaboratively with every customer. Our global security team actively advises on security concerns and monitors and reports on actionable vulnerabilities. 

From Day 1, our team adheres to a Seven-Point Security Solution based around the core concepts of Discover, Harden, and Protect for your data and critical system security. 

Using this established frameworkour experts resolve your issues as they occur and put in place the tools and procedures you need to proactively maintain secure application environments.  

Throughout the customer journey, we continue to discover, harden, and protect data and applications against security issues through the deployment of multiple services and security products. 

We investigate issues during customer onboarding and whenever a security concern arises. Discussions focus on a specific issue or explore general, security-related topics. The team advises when you log a security-related ticket and can expand the scope as needed to a full Security Assessment. 

As security topics develop, we author whitepapers and other reference materials for the benefit of all customers. We also develop position papers on specific areas of customer interest such as interoperability and virtualization. 

Our security team will assist with an audit and risk review for your systems. Reports include recommendations on configurations, encryptions, access management, and best practices and guidelines. 

We help reduce vulnerability and enhance security by helping our customers to properly configure and harden applications, operating systems, servers, databases, and networks through the review and recommendations.  

Customers submit a ticket at any time for assistance with security-related activities. These include detecting and preventing issues, identifying suspicious behavior, and fixing vulnerabilities. We use compensating controls (external to application code) to resolve security issues. 

Spinnaker Support offers additional products to enhance security, including: 

  1. Intrusion Detection Service (IDS) & Intrusion Prevention Service (IPS):  We address web and server-based threats through a combined cloud-based software and innovative analytics solution for IDS and IPS. Powered by Alert Logic, this solution features embedded human expert services to detect, assess, and block threats. 
  2. Virtual Patching: We offer Spinnaker Support Database Defender, powered by McAfee, that delivers the advantage of virtual database patching (details below).

We monitor Oracle and SAP CVEs and publish periodic email bulletins for customers. These curated bulletins for Oracle and SAP customers include CVE descriptions and offer best practice recommendations. 

Seven-Point Security vs. Software Publisher Patches 

When switching from Oracle support to third-party software support, Oracle customers are often concerned about the loss of quarterly software patches. In discussions, we explain how the reality of software patching often does not meet the promise of the security measure, because: 

  • Patches are not timely (in fact, they can be months or years late). 
  • Patches are one-size-fits-all and may be problematic for customizations. 
  • Patches may not be available for older product versions and applications.  
  • Patches require valuable time to test and install.
  • Many organizations do not patch or patch regularly due to operational constraints. 

Spinnaker Support’s Security Solution exceeds the reliance on patches alone because patches are only a partial solution for critical vulnerabilities and exposures (CVEs). Instead, Spinnaker Support’s framework covers a wider range of security issues through multiple processes and products, including hardening and vulnerability management, and products for virtual patching and intrusion detection and prevention. 

Spinnaker Support security services are responsive, on-demand, and multilayered. We treat every reported incident as a P1 ticket, and we respond to every ticket within 15 minutes. Vulnerability management is a critical point in our security solution, and our global security professionals continue to work until the security issue is properly addressed. 

Spinnaker Support Database Defender

Available now, Database Defender, powered by McAfee, detects and prevents attempted attacks and intrusions in real time, shielding databases from the risks presented by unpatched vulnerabilities. With automatic updates and an intuitive Web-based dashboard, Database Defender is easy to use and add to your existing security toolset.  

The Advantages of Database Defender: 

  • Provides immediate protection for hundreds of vulnerabilities and threats, even prior to public announcement. 
  • Installs in a simple process with no disruption to production databases. 
  • Facilitates compliance with standards such as PCI DSS, HIPAA, and others. 
  • Continues to protect older databases that are no longer supported by the vendor. 
  • Covers a comprehensive array of databases from Oracles and SAP. 

Database Defender is an optional security product, with pricing that varies per your needs. To learn more about Database Defender, view the solution brief and reach out to Spinnaker Support to discuss this product. 

Security Is a Standard of Our Operations 

We invest in your security and compliance measures with the same exacting standards we apply to our own operations. Spinnaker Support was the first third-party support provider to achieve both ISO/IEC 27001:2013 certification for managing sensitive company information and ISO 9001:2015 certification for quality management principles. We are Privacy Shield-certified, GDPR compliant, certified for both the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, and Cyber Essentials certified. 

Let's Talk

Our clients consistently rate our award-winning support at >98% satisfaction. Let’s talk about whether Spinnaker Support is right for you.

Contact Us