System News
back1 2 3 4 5 6 7 8 9 10 11 next
Archived Security Articles
25 May 2015
open to premium members only
Oracle Access Management (White Paper, 26 Pages) [43014]
Complete, Integrated, Scalable Access Management Solution

In the recent past, Access Management was mainly focused on web authentication, single sign-on, and access to intranet applications. However, the enterprise access management landscape has been evolving at a fast pace over the last few years to meet the requirements of new computing paradigms and technologies transforming the way organizations access and expose business-critical services and data...

This paper introduces Oracle Access Management, a complete solution designed to securely enable business transformation with mobile and social networking technologies, hybrid on-premise and cloud applications deployment, and hybrid Access Management deployment while preserving a seamless user experience, centralized administration, and market-leading performance and scalability.
(Get More Information . .)

14 May 2015
open to premium members only
Oracle Unified Directory 11gR2PS3 [42591]
All-in-one directory solution

Etienne Remillon writes, "We have released Oracle Unified Directory 11gR2PS3 (11.1.2.3). Oracle Unified Directory is an all-in-one directory solution with storage, proxy, synchronization and virtualization capabilities.

While unifying the approach, it provides all the services required for high-performance enterprise and carrier-grade environments. Oracle Unified Directory ensures scalability to billions of entries. It is designed for ease of installation, elastic deployments, enterprise manageability, and effective monitoring..."
(Get More Information . .)

21 Apr 2015
open to premium members only
What The Verizon Data Breach Report Means To Corporate Data Security [42104]
Michael Hickins writing in Forbes

Michael Hickins writes in 'url "http://www.forbes.com/sites/oracle/2015/04/21/what-the-verizon-data-breach-report-means-to-corporate-data-security/" "Forbes"', "Network security software is only 24% effective in fighting cybercrime, according to the most recent Verizon Data Breach Investigations Report.

Paradoxically, however, corporate victims still spend two-thirds of their security budgets defending their porous perimeters, a strategy that does nothing to stop valuable data from being stolen - if it does anything at all.

It's a well-known aphorism that there are two kinds of companies: those who know they've been breached, and those who've been breached but don't know it.

Not that there's no good news out there - companies can protect their data, their customer data, and their good name. But there's a big if there: They have to focus on the data..."
(Get More Information . .)

30 Mar 2015
open to premium members only
Thoughts about Common Criteria (CC) Evaluations [41668]
US Scheme of the CC run by the National Information Assurance Partnership (NIAP)

Josh Brickman writes, "I want to share some of our thoughts about Common Criteria (CC) evaluations specifically those under the US Scheme of the CC run by the National Information Assurance Partnership (NIAP). NIAP is one of the leaders behind the significant evolution of the Common Criteria, resulting in ratification of a new Common Criteria Recognition Arrangement last year.

In 2009, NIAP advocated for a radical change in the CC by creating Protection Profiles quickly for many technology types. As described by NIAP[i]:

In this new paradigm, NIAP will only accept products into evaluation claiming exact compliance to a NIAP-approved Protection Profile. These NIAP-approved Protection Profiles (PP) produce evaluation results that are achievable, repeatable, and testable - allowing for more a more consistent and rapid evaluation process.[ii]..."
(Get More Information . .)

25 Mar 2015
open to premium members only
Is Your Shellshocked Poodle Freaked Over Heartbleed? [41551]
"named" vulnerabilities in commonly used libraries

Mary Ann writes,"Security weenies will understand that the above title is not as nonsensical as it appears. Would that it were mere nonsense. Instead, I suspect more than a few will read the title and their heads will throb, either because the readers hit themselves in the head, accompanied by the multicultural equivalents of 'oy vey' (I'd go with 'aloha 'ino'), or because the above expression makes them reach for the most potent over- the-counter painkiller available.

For those who missed it, there was a sea change in security vulnerabilities reporting last year involving a number of mass panics around 'named' vulnerabilities in commonly-used - and widely-used - embedded libraries..."
(Get More Information . .)

16 Mar 2015
open to premium members only
Three Big Data Threat Vectors [41428]
The Biggest Breaches are Yet to Come

Troy Kitch writes, "Where a few years ago we saw 1 million to 10 million records breached in a single incident, today we are in the age of mega-breaches, where 100 and 200 million records breached is not uncommon.

According to the Independent Oracle Users Group Enterprise Data Security Survey, 34% of respondents say that a data breach at their organization is "inevitable" or "somewhat likely" in 2015.

Combine this with the fact that the 2014 Verizon Data Breach Investigations Report tallied more than 63,000 security incidents - including 1,367 confirmed data breaches. That's a lot of data breaches..."
(Get More Information . .)

 
back1 2 3 4 5 6 7 8 9 10 11 next