Database Security Vendor Sentrigo Releases Free Oracle Database Code Analysis Tool | eWeek

Database Security Vendor Sentrigo Releases Free Oracle Database Code Analysis Tool

Written By
Brian Prince
Brian Prince
Feb 4, 2009
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Database security vendor Sentrigo wants to help programmers, database administrators and security pros pinpoint vulnerabilities in code before hackers get their hands on them.

To do this, the company has released a free fuzzing utility for Oracle databases to help identify vulnerabilities in PL/SQL code. Dubbed FuzzOr, the open-source tool is now available for download and allows PL/SQL programmers and others to catch and remediate security issues that may be exploited through SQL injection and buffer overflows attacks.

“There are thousands of applications in use today, some from Oracle and many others from third parties, that may contain vulnerabilities that make the database subject to attack,” said Slavik Markovich, CTO of Sentrigo, in a statement. “With hackers using increasingly sophisticated techniques to attack databases, proactive testing conducted on a regular basis can help flag potential vulnerabilities that may otherwise go unnoticed.”

Sentrigo’s FuzzOr runs on Oracle database versions 8i and above. A dynamic scanning tool, FuzzOr enables users to test PL/SQL code inside Oracle-stored program units, Sentrigo officials said. Once vulnerabilities are detected by FuzzOr, a programmer can fix the PL/SQL code. In cases of legacy or complex applications where code changes and repairs are more difficult to implement, FuzzOr integrates into Sentrigo’s Hedgehog products and automatically generates virtual patching to prevent or alert users of attempts to exploit the discovered vulnerabilities.

“FuzzOr is a useful tool in helping unearth exploitable vulnerabilities and plugging database security holes against malicious activities,” Oracle security expert Pete Finnigan said in a statement. “Traditional source code analysis tools are lacking in their availability for Oracle PL/SQL and this tool nicely fills the gap for testing your own PL/SQL or that of your application vendor.”

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.