Changes in This Release for Oracle Database Security Assessment Tool
The Oracle Database Security Assessment Tool 4.1 (December 2025) release has been enhanced to address the Defense Information Systems Agency (DISA) Oracle Database 19c Security Technical Implementation Guide (STIG) V1R1 requirements.
The Oracle Database Security Assessment Tool 4.1 now supports Oracle AI Database 26ai and Oracle Autonomous AI Databases.
- Highlights
-
Updated INFO.PATCH: To detect CVEs from the latest Critical Patch Update for Oracle Database versions 19c, 21c, and 23ai.
-
Expanded Compliance: Enhanced support for DISA STIG for Oracle Database 19c and new checks for Oracle AI Database 26ai features, CDB$ROOT, and Oracle Database Vault.
-
- Updated sections/checks:
INFO.PATCH: Enhanced with CVE detection for comprehensive vulnerability assessment.
- General:
-
Oracle JRE Requirement: Oracle Java Runtime Environment (Oracle JRE) 17 (Oracle JDK 17) is now the minimum prerequisite.
-
Best Practices Terminology: "Oracle Best Practices (OBP)" findings are now labeled "Oracle Recommended Practices (ORP)".
-
Downloading and Installing Oracle Database Security Assessment Tool
-
To download the Oracle Database Security Assessment Tool, visit oracle.com, and click the Download DBSAT link. Alternatively, go to My Oracle Support and browse Doc ID 2138254.1.
-
See Oracle Database Security Assessment Tool User Guide for information about completing the installation of Database Security Assessment Tool.
Oracle Database Security Assessment Tool Release Notes, Release 4.1
G44165-01
Primary Authors: Ramya P, Prakash Jashnani, Jim Womack
Contributors: Anant Bhasu, Abhinav Singh, Gopal Mulagund, Pedro Lopes, Shyamsundar KG, Vivek PV