System News
back1 2 3 4 5 6 7 8 9 10 11 next
Archived Security Articles
07 Jul 2015
open to premium members only
New Security Extensions [44159]
in Oracle Solaris 11.3

Kris Kooi writes, "In Solaris 11.3, we've expanded the security extensions framework to give you more tools to defend your installations. In addition to Address Space Layout Randomization (ASLR), we now offer tools to set a non-executable stack (NXSTACK) and a non-executable heap (NXHEAP). We've also improved the sxadm(1M) utility to make it easier to manage security extension configurations..."
(Get More Information . .)

26 May 2015
open to premium members only
Security Inside Out Newsletter [43008]
May 2015 Edition

Oracle has published the May Security Inside Out newsletter. Check it out to find out about securing the big data life cycle, data security training, and more.


  • MIT Technology Review: Securing the Big Data Lifecycle
  • Oracle Training Offerings Help Close the Gap in the Availability of Trained Data Security Professionals
  • What the Verizon Data Breach Investigations Report Means to Corporate Data Security


  • 86% of Data Breaches Miss Detection; How Do You Beat the Odds?
  • Oracle Database Security Webcasts
  • Oracle Identity Management Webcasts Blogs
  • Oracle Identity Management
  • Security Inside Out Videos
  • Neustar Drives Cloud-Based Analytics
  • UPMC Discusses Privacy, Identity, and Security in Healthcare More ...
    (Get More Information . .)
25 May 2015
open to premium members only
Oracle Access Management (White Paper, 26 Pages) [43014]
Complete, Integrated, Scalable Access Management Solution

In the recent past, Access Management was mainly focused on web authentication, single sign-on, and access to intranet applications. However, the enterprise access management landscape has been evolving at a fast pace over the last few years to meet the requirements of new computing paradigms and technologies transforming the way organizations access and expose business-critical services and data...

This paper introduces Oracle Access Management, a complete solution designed to securely enable business transformation with mobile and social networking technologies, hybrid on-premise and cloud applications deployment, and hybrid Access Management deployment while preserving a seamless user experience, centralized administration, and market-leading performance and scalability.
(Get More Information . .)

14 May 2015
open to premium members only
Oracle Unified Directory 11gR2PS3 [42591]
All-in-one directory solution

Etienne Remillon writes, "We have released Oracle Unified Directory 11gR2PS3 ( Oracle Unified Directory is an all-in-one directory solution with storage, proxy, synchronization and virtualization capabilities.

While unifying the approach, it provides all the services required for high-performance enterprise and carrier-grade environments. Oracle Unified Directory ensures scalability to billions of entries. It is designed for ease of installation, elastic deployments, enterprise manageability, and effective monitoring..."
(Get More Information . .)

21 Apr 2015
open to premium members only
What The Verizon Data Breach Report Means To Corporate Data Security [42104]
Michael Hickins writing in Forbes

Michael Hickins writes in 'url "" "Forbes"', "Network security software is only 24% effective in fighting cybercrime, according to the most recent Verizon Data Breach Investigations Report.

Paradoxically, however, corporate victims still spend two-thirds of their security budgets defending their porous perimeters, a strategy that does nothing to stop valuable data from being stolen - if it does anything at all.

It's a well-known aphorism that there are two kinds of companies: those who know they've been breached, and those who've been breached but don't know it.

Not that there's no good news out there - companies can protect their data, their customer data, and their good name. But there's a big if there: They have to focus on the data..."
(Get More Information . .)

30 Mar 2015
open to premium members only
Thoughts about Common Criteria (CC) Evaluations [41668]
US Scheme of the CC run by the National Information Assurance Partnership (NIAP)

Josh Brickman writes, "I want to share some of our thoughts about Common Criteria (CC) evaluations specifically those under the US Scheme of the CC run by the National Information Assurance Partnership (NIAP). NIAP is one of the leaders behind the significant evolution of the Common Criteria, resulting in ratification of a new Common Criteria Recognition Arrangement last year.

In 2009, NIAP advocated for a radical change in the CC by creating Protection Profiles quickly for many technology types. As described by NIAP[i]:

In this new paradigm, NIAP will only accept products into evaluation claiming exact compliance to a NIAP-approved Protection Profile. These NIAP-approved Protection Profiles (PP) produce evaluation results that are achievable, repeatable, and testable - allowing for more a more consistent and rapid evaluation process.[ii]..."
(Get More Information . .)

back1 2 3 4 5 6 7 8 9 10 11 next