
Category: Oracle database

State of the Security Work Force 2011

Frost & Sullivan and the security professional group (ISC)2 recently conducted a survey on the state of the security work force. The survey’s leader says that information security professionals are too busy with their day-to-day work to devote enough time to security-related work. This inability to focus on security work leaves IT security professionals unprepared for major technological changes such as cloud computing and the increasingly sophisticated spectrum of application security threats. The survey’s report states that companies are potentially […]

SANS 20 Critical IT Security Controls: #12: Malware Defenses

One of the most vulnerable security areas is malicious software that hackers piggyback on to steal your data. Companies may suddenly find their email systems hacked because an employee unwittingly opened a malicious email attachment. Hackers target companies through malicious software that gains entry to your system through email attachments, web browsers and mobile devices. To counteract malware, you must use antivirus and anti-spyware software. Tools such as these can detect malware and block its execution. If you want […]

OWASP Top Ten – #3. Broken Authentication and Session Management

One of the most vulnerable areas of web applications is authentication and session management. Weak authentication and session management enables hackers to steal passwords, session tokens and encryption keys, and even to assume the identity of legitimate users. Session IDs are frequently exposed without SSL or TLS protection or revealed through the rewriting of URLs. The attackers could be external hackers or insiders who want to use other users’ accounts to perform malicious acts. The problem is caused mainly because […]

SANS 20 Critical Controls #9: Controlled Access Based on Need to Know

The first step you must take is to identify your sensitive data by establishing a data identification scheme. A multi-level classification based on the sensitivity level of the data is especially useful.

SANS 20 Critical IT Controls #8: Controlled Use of Administrative Privileges

A common technique used by hackers is to guess the passwords of administrative users to gain access to a server, and from there compromise vast swaths of a system. Hackers are constantly devising powerful password cracking tools to see if they can grab a system admin or network admin’s password.

SANS 20 Critical IT Controls #7: Application Software Security

While strengthening your network and perimeter security does keep potential attackers away, you do want people to access your web sites and web applications, of course. Unfortunately, while most users access your applications and web sites for legitimate purposes, you can’t control the user input.
