AI has compressed the vulnerability lifecycle from discovery to exploitation, enabling attackers to identify weaknesses, generate exploit code, and launch campaigns at machine speed. According to the 2026 CrowdStrike Global Threat Report , the average attack breakout time is now just 29 minutes, a 65% increase in speed since 2024. AI-enabled adversaries have increased their activity by more than 89%.

At the same time, enterprises are deploying AI agents and AI-generated applications that interact directly with sensitive data, often through overly privileged pathways that traditional application security models were not designed to govern.

For CIOs and CISOs, the challenge is to patch faster, validate changes before they disrupt production systems, enforce access controls at the data layer, and recover cleanly when ransomware, corruption, or compromised credentials disrupt operations. The database sits at the center of nearly every enterprise data estate, making it a natural starting point for protection.

Oracle , the industry’s largest database vendor, is responding to the expanding threat landscape with an expanded AI security strategy centered on data-first protection and a pricing and packaging change for some of its best security, patching, and upgrade tools. Oracle’s move is designed to help customers address the immediate AI threats.

Disclaimer: The author is an industry analyst who has provided services to Oracle and every other company mentioned in this article.

The company is offering several products at no cost for a limited period or at a 90% discount on one-year term licenses, targeting customers who need to further harden Oracle Database environments but have delayed investment due to cost, complexity, or procurement friction.

Security Begins in the Database

Oracle is consolidating a set of new and updated database capabilities under an expanded AI security strategy it calls Secure at Source, Secure at Speed, and Secure through Resilience. For CIOs running large Oracle environments, the move merits close attention, both for the capabilities offered at no cost and for what it signals about the future of database security.

Secure at Source addresses where security policy is enforced. Oracle's position is that controls built into application code can be bypassed, misconfigured, or applied inconsistently across systems, so policy needs to reside in the database layer instead, where every application, user, and AI agent that accesses the data is subject to the same rules, regardless of the connection method.

This pillar covers Deep Data Security, SQL Firewall, and Database Vault, the three capabilities that provide authorization, SQL-level access control, and privileged account protection.

Secure at Speed measures how quickly an organization can close a known vulnerability once it surfaces. Comprehensive regression testing and limited maintenance windows have historically slowed patch deployment, creating a gap that has become more costly as attackers use AI to move from discovery to exploit ever faster.

The free Database Lifecycle Management Pack and Exadata Management Pack, along with the discounted GoldenGate, GoldenGate Veridata, and Real Application Testing licenses, fall under this pillar, paired with Data Safe and Database Security Central for centralized risk visibility.

Secure through Resilience addresses what happens after prevention fails. Zero Data Loss Recovery solutions, Globally Distributed AI Database, and Oracle Maximum Availability Architecture best practices support this pillar, covering backup immutability, multi-site replication, and disaster recovery planning and implementation.

The free security, patching and upgrade tools, available through February 28, 2027, include the Database Lifecycle Management Pack and the Exadata Management Pack, both of which centralize patch deployment across databases, grid infrastructure, and Exadata systems.

It also includes Data Safe for database security assessment, data protection and activity monitoring, as well as Database Security Central, with similar capabilities, slated for a future release. This overall security portfolio enables enterprises to continuously assess risk exposure, locate and classify sensitive data, and oversee database activity across the full data estate.

The discounted tools are offered at 90% off one-year licenses for GoldenGate and GoldenGate Veridata through May 31, 2027. These products enable patching and upgrades with minimal downtime by supporting validated switchovers between synchronized environments.

Real Application Testing, also discounted, lets organizations assess how an application will behave under a patch or upgrade before deploying it in production, reducing the risk that a routine update or patch will break something critical.

On the agentic AI data protection front, Oracle directs customers to its flagship innovation, Deep Data Security. This capability applies fine-grained, identity-based authorization policies across relational, vector, and lakehouse data sources without moving data, ensuring that an AI agent acting on a user's behalf can see only what that user is authorized to see.

In-database SQL Firewall blocks unapproved SQL execution at the database layer, where it cannot be bypassed by application code. Database Vault separates administrative duties to limit what a compromised credential can do.

For resilience, Oracle Zero Data Loss Recovery products target up to the last transaction recovery with zero data loss following ransomware or corruption events, while its Globally Distributed AI Database uses Raft-based replication to keep applications running through infrastructure or site failures.

Oracle competes with Microsoft , Amazon Web Services, and other database providers that increasingly embed security, governance, and resilience capabilities directly into their platforms. Microsoft and AWS, in particular, have emphasized identity-centric security models spanning cloud services, databases, analytics platforms, and AI workloads.

Oracle’s primary differentiator is a platform architected from the outset to support all data types, development styles, and workloads. Its converged database approach centralizes security across multiple data types, avoiding the use of multiple specialized databases, which makes consistent security enforcement challenging.

Because the company controls the database engine, management plane, security controls, and recovery technologies, customers can enforce protections directly at the data layer rather than relying solely on external monitoring or policy enforcement.

Capabilities such as In-database SQL Firewall, Database Vault, and Deep Data Security operate within the database environment, providing a level of control that is very difficult to replicate with overlay security products.

The field also includes an array of specialized data security vendors, such as DSPM providers like Veeam , which focus on discovering sensitive data, monitoring access patterns, identifying excessive permissions, and enforcing governance across heterogeneous data estates.

These vendors provide consistent controls across multiple database platforms, clouds, and SaaS environments. These capabilities should be part of any comprehensive enterprise cybersecurity strategy, supplementing the core protections provided by the database itself.

Oracle’s announcement removes friction from a security discipline that many organizations still struggle to operationalize. The company acknowledges that in an AI-driven threat environment, the organizations most at risk are often not only those lacking security tools, but even more those lacking the processes to deploy patches, validate changes, and recover quickly when something goes wrong.

What’s notable is Oracle’s emphasis on securing the data layer itself. Much of the industry’s AI security discussion remains focused on models, prompts, and applications. Oracle is betting that the more durable control point is the database, where access policies, activity monitoring, and enforcement can be applied consistently, regardless of which application, API, or AI agent requests data. As AI agents gain broader autonomy, that position becomes increasingly valuable.

The broader implication is that database security, patch management, and cyber resilience are converging into a single operational discipline. Organizations can no longer treat patching, access control, and recovery planning as separate projects managed by different teams.

AI shortens the window to respond to vulnerabilities while increasing the number of systems and agents that interact with sensitive data. With AI threats arriving at machine speed and scale, success will depend on reducing the time between discovery, remediation, validation, and recovery to as close to zero as possible.

For Oracle customers, taking advantage of the free and discounted offerings is a natural first step. The greatest value will not come from the temporary pricing relief itself, but from using this period to establish automated patching workflows, implement identity-based data governance, validate recovery processes, and reduce operational reliance on manual intervention. Those capabilities will remain strategically important long after the promotional terms expire.