[canistr]

It's probably safer to assume CSE/CSIS would use open-source tools than stuff from MSFT/ORCL.

[derefr]

Especially because, unlike the NSA, they can't send legally-enforceable secret letters telling MSFT and ORCL what to do.

[hunterjrj]

Anecdotal, but I was in an Oracle University training course last year with someone who confirmed, in an indirect and vague way, that he worked for the CSE. We were training on Oracle Database 12. He had plenty of "real world scenario" questions.