Expert Oracle Application Express Security

  • 5h 48m
  • Scott Spendolini
  • Apress
  • 2013

Expert Oracle Application Express Security covers all facets of security related to Oracle Application Express (APEX) development. From basic settings that can enhance security, to preventing SQL Injection and Cross Site Scripting attacks, Expert Oracle Application Express Security shows how to secure your APEX applications and defend them from intrusion.

Security is a process, not an event. Expert Oracle Application Express Security is written with that theme in mind. Scott Spendolini, one of the original creators of the product, offers not only examples of security best practices, but also provides step-by-step instructions on how to implement the recommendations presented. A must-read for even the most experienced APEX developer, Expert Oracle Application Express Security can help your organization ensure their APEX applications are as secure as they can be.

What you’ll learn

  • Devise and execute a security plan
  • Ensure your installation of APEX is configured most securely
  • Prevent SQL Injection, cross site scripting, and URL tampering attacks
  • Protect your data during all phases of its lifetime
  • Apply security features built into the database layer
  • Design APEX applications to safely be deployed on the Internet

Who this book is for

Expert Oracle Application Express Security is aimed at developers and administrators deploying applications created using Oracle Application Express (APEX). The topic is especially important when those applications are public-facing or involve sensitive data. Any Application Express developer or administrator who wants to sleep well at night in an era of network intrusion and data thievery will want this book.

About the Author

Scott Spendolini is president & co-founder of Sumneva, a world-class Oracle Application Express (APEX) consulting, training, and solutions firm founded in 2010. He has assisted a number of clients from various verticals with their Oracle APEX development and training needs. Spendolini has presented at a number of Oracle-related conferences, including Oracle OpenWorld, ODTUG, and IOUG, and is a regular contributor to the Oracle APEX Forums on OTN. Spendolini is also the host & conference chair of APEXposed, an APEX-specific annual conference. He is a recent recipient of the Oracle Ace Director designation and is also a co-author of the book Pro Oracle Application Express. In 2009, Spendolini, along with ODTUG, was presented with the Oracle Innovation Award for his work on ODTUG’s public web site, Spendolini is also an Oracle Certified Oracle Application Express developer.

Prior to co-founding Sumneva, Spendolini founded and ran Sumner Technologies from 2005 through 2009, which also focused on Oracle APEX consulting, training, and solutions. Before that, he was employed by Oracle Corporation for almost 10 years, the last three of which he was a senior product manager for Oracle APEX. He holds a dual bachelor's degree from Syracuse University in management information systems and telecommunications management.

In this Book

  • Threat Analysis
  • Implementing a Security Plan
  • APEX Architecture
  • Instance Settings
  • Workspace Settings
  • Application Settings
  • Application Threats
  • User Authentication
  • User Authorization
  • Secure Export to CSV
  • Secure Views
  • Virtual Private Database
  • Shadow Schema
  • Encryption