fbpx
 

Tag: Oracle database

Difference between Oracle’s Exadata and Exalogic

Oracle Exadata (Oracle Exadata Database Machine) is strictly a data processing solution offered by Oracle. Initially conceived and promoted as a solution for mainly large data warehouse data load processing, Oracle now boldly proclaims that Exadata is suitable for high concurrency OLTP applications as well.

Database Security Trends and Tips from the Trenches

Miro Consulting’s resident database expert Sam Alapati was recently published in Information Management Magazine addressing security tips from his years of experience in the industry. The piece addresses firewalls, encryption, identity management, GRC and cloud computing. Check out the full article here.

OWASP Tot Ten Web Application Vulnerabilities #6: Security Misconfiguration

Security misconfigurations of key application stack components such as the operating system, the web server and the application server are all potential gateways to attacks. Unfortunately for us, most security configuration vulnerabilities are not rocket science — they’re out there for everybody to learn and use (or misuse) them. Security Misconfiguration is also a way for privileged insiders to hide their malicious activity against their firm’s systems. Usually a security misconfiguration will compromise just some part of the system, but […]

OWASP Top Ten Web Application Vulnerabilities #3: Insecure Direct Object References

Insecure Direct Object References seems a pretty unwieldy term, but the way it compromises a web application is pretty straightforward. The attacker is usually an authorized system user, who simply modifies a parameter value that directly refers to a system object so it refers to another system object for which the attacker has no authorization. Potentially, an attack using this technique can compromise all data that the new parameter can reference. The root of this type of web application vulnerability […]

US-CERT Cyber Security Alerts

US-CERT is a U.S. government agency that provides response support and defense against cyber attacks. US-CERT is part of the National Cyber Security Division (NCSD) at the Department of Homeland Security (DHS). Although US-CERT’s goal is to support the government agencies to defend themselves against cyber attacks, the agency disseminates cyber security information to governments, industry and the public, free of cost. You can receive regular mailing lists of known vulnerabilities from US-CERT by going to http://www.us-cert.gov/and enrolling in their […]

In Archive