System News
back1 2 3 4 5 6 7 8 9 10 11 next
Archived Security Articles
14 May 2015
open to premium members only
Oracle Unified Directory 11gR2PS3 [42591]
All-in-one directory solution

Etienne Remillon writes, "We have released Oracle Unified Directory 11gR2PS3 (11.1.2.3). Oracle Unified Directory is an all-in-one directory solution with storage, proxy, synchronization and virtualization capabilities.

While unifying the approach, it provides all the services required for high-performance enterprise and carrier-grade environments. Oracle Unified Directory ensures scalability to billions of entries. It is designed for ease of installation, elastic deployments, enterprise manageability, and effective monitoring..."
(Get More Information . .)

21 Apr 2015
open to premium members only
What The Verizon Data Breach Report Means To Corporate Data Security [42104]
Michael Hickins writing in Forbes

Michael Hickins writes in 'url "http://www.forbes.com/sites/oracle/2015/04/21/what-the-verizon-data-breach-report-means-to-corporate-data-security/" "Forbes"', "Network security software is only 24% effective in fighting cybercrime, according to the most recent Verizon Data Breach Investigations Report.

Paradoxically, however, corporate victims still spend two-thirds of their security budgets defending their porous perimeters, a strategy that does nothing to stop valuable data from being stolen - if it does anything at all.

It's a well-known aphorism that there are two kinds of companies: those who know they've been breached, and those who've been breached but don't know it.

Not that there's no good news out there - companies can protect their data, their customer data, and their good name. But there's a big if there: They have to focus on the data..."
(Get More Information . .)

30 Mar 2015
open to premium members only
Thoughts about Common Criteria (CC) Evaluations [41668]
US Scheme of the CC run by the National Information Assurance Partnership (NIAP)

Josh Brickman writes, "I want to share some of our thoughts about Common Criteria (CC) evaluations specifically those under the US Scheme of the CC run by the National Information Assurance Partnership (NIAP). NIAP is one of the leaders behind the significant evolution of the Common Criteria, resulting in ratification of a new Common Criteria Recognition Arrangement last year.

In 2009, NIAP advocated for a radical change in the CC by creating Protection Profiles quickly for many technology types. As described by NIAP[i]:

In this new paradigm, NIAP will only accept products into evaluation claiming exact compliance to a NIAP-approved Protection Profile. These NIAP-approved Protection Profiles (PP) produce evaluation results that are achievable, repeatable, and testable - allowing for more a more consistent and rapid evaluation process.[ii]..."
(Get More Information . .)

25 Mar 2015
open to premium members only
Is Your Shellshocked Poodle Freaked Over Heartbleed? [41551]
"named" vulnerabilities in commonly used libraries

Mary Ann writes,"Security weenies will understand that the above title is not as nonsensical as it appears. Would that it were mere nonsense. Instead, I suspect more than a few will read the title and their heads will throb, either because the readers hit themselves in the head, accompanied by the multicultural equivalents of 'oy vey' (I'd go with 'aloha 'ino'), or because the above expression makes them reach for the most potent over- the-counter painkiller available.

For those who missed it, there was a sea change in security vulnerabilities reporting last year involving a number of mass panics around 'named' vulnerabilities in commonly-used - and widely-used - embedded libraries..."
(Get More Information . .)

16 Mar 2015
open to premium members only
Three Big Data Threat Vectors [41428]
The Biggest Breaches are Yet to Come

Troy Kitch writes, "Where a few years ago we saw 1 million to 10 million records breached in a single incident, today we are in the age of mega-breaches, where 100 and 200 million records breached is not uncommon.

According to the Independent Oracle Users Group Enterprise Data Security Survey, 34% of respondents say that a data breach at their organization is "inevitable" or "somewhat likely" in 2015.

Combine this with the fact that the 2014 Verizon Data Breach Investigations Report tallied more than 63,000 security incidents - including 1,367 confirmed data breaches. That's a lot of data breaches..."
(Get More Information . .)

11 Mar 2015
open to premium members only
Oracle Directory Server Enterprise Edition (DSEE) to Oracle Unified Directory (OUD) [41313]
Upgrade and Co-existence

Greg Jensen writes, "As a follow up on 'Why Customers Should Upgrade Directory Server Enterprise Edition (DSEE) to Oracle Unified Directory (OUD)?', I would like to illustrate in a case study how easily upgrade can be achieved.

An upgrade process can be defined as the steps required for moving from a state where application leverage data managed within a DSEE directory service to a state where applications leverage data managed within an OUD directory service.

There are multiple ways to achieve that goal:..."
(Get More Information . .)

 
back1 2 3 4 5 6 7 8 9 10 11 next