Information Security

Oracle Audit Vault

2007-11-07T15:31:00.001+02:00

Satisfying compliance regulations such as Sarbanes-Oxley and mitigating the risks associated with the insider threat are among the top security challenges businesses face today. Oracle Audit Vault turns audit data into a key security resource to help address today's security and compliance challenges.
Auditing is playing an increasingly important role in the areas of compliance, privacy, and security. Today the use of audit data as a security resource remains very much a manual process, requiring IT security and audit personnel to first collect the audit data, and then sift through enormous amounts of dispersed audit data using custom scripts and other methods. Oracle Audit Vault automates the audit collection and analysis process, transparently enforcing the principle of trust-but-verify.

Read more at: http://www.oracle.com/technology/products/audit-vault/index.html

Oracle touts security tests as draw to 11g database

2007-11-07T15:29:00.000+02:00

Unveiled last week at an event in New York, Database 11g is Oracle's successor to the 10g releases 1 and 2 of its database. The company has worked closely with customers over the course of a lengthy beta testing program, which began in September, and some of those users noted that it had been hard to pin Oracle down on a launch date for 11g. Andy Mendelsohn, SVP of database server technologies at Oracle, says the company has a parallel development project under way work on 11g Release 2. One area not mentioned in the listing of 11g's new features is grid computing; that is what the "g" in both 10g and 11g stands for.

Read more at: http://proquest.umi.com/pqdweb?index=2&did=1334483671&SrchMode=1&sid=2&Fmt=3&VInst=PROD&VType=PQD&RQT=309&VName=PQD&TS=1194442004&clientId=59989

Of hackers and ego

2007-10-17T09:35:00.001+03:00

The world of computer security can often be a strange and compelling one. Many outsiders, or those with little knowledge of computers, just don’t understand the whole uproar over various issues, such as whether Microsoft Vista is more secure then Linux or Mac. It’s all moot as far as the general population is concerned. But, for those of us who work in the industry, it is just more grist for the mill.

Read more at http://www.securityfocus.com/columnists/454

An article from Don Parker

Oracle Database Security - Why Oracle?

2007-10-05T16:07:00.000+03:00

For more than a quarter century Oracle has developed and refined state-of-the-art database security for government and commercial organizations worldwide. Oracle Database 11g security addresses the critical requirements around data privacy and protection, regulatory compliance, and data consolidation.
State-of-the-art security—Out-of-the-box security includes fine-grained auditing, virtual private database, row level security, database encryption, and label security
Application protection—Built-in protection at the data level means you don't have to modify your applications to secure them
Guards against inside threats—Oracle Database offers the industry's only administrative access control solution.

Safety and Security Online magazine

2007-10-05T15:48:00.000+03:00

Find out more at http://www.microsoft.com/protect/publications/default.mspx

National Cyber Security Awareness Month

2007-10-05T15:44:00.000+03:00

October is National Cyber Security Awareness Month. Microsoft and the National Cyber Security Alliance (NCSA) have teamed up again this year to help increase awareness about Internet security issues.

With a campaign that focuses on public relations activities, educational programs, and events for home users, small businesses, education audiences, and child safety forums, we want to encourage everyone who uses a personal computer to keep one idea in mind: protect yourself before you connect to the Internet.

Find out more at http://www.microsoft.com/protect/promotions/us/cybersecuritymonth_us.mspx

Oracle Security

2007-10-05T15:21:00.000+03:00

If you use Oracle database software and you value the data held in the databases you have deployed then the site of Pete Finnigan is that you need to visit and digest. Check it out at http://www.petefinnigan.com

CISSP® Professional Experience Requirement

2007-10-05T15:14:00.000+03:00

Effective 1 October 2007, professional work experience requirements for the CISSP will increase from four to five years, and direct full-time security professional work experience will be required in two or more of the ten CISSP CBK domains. A new endorsement policy will also be in effect, requiring anyone who passes a CISSP, CAP, or SSCP exam to have their qualifications endorsed by another (ISC)² credential holder. These changes will not affect those who sit for an examination on or before 30 September 2007. For more information, please refer to the Experience Requirement Change FAQs.