Protecting Oracle Database 12c

  • 4h 41m
  • Paul Wright
  • Apress
  • 2014

Protecting Oracle Database 12c helps you solve the problem of maximizing the safety, resilience, and security of an Oracle database whilst preserving performance, availability, and integration despite ongoing and new security issues in the software. The book demonstrates, through coded examples, how you can enable the consolidation features of Oracle Database 12c without increasing risk of either internal corruption or external vulnerability. In addition, new protections not publicly available are included, so that you can see how demonstrable risk improvements can be achieved, measured, and reported through Enterprise Manager 12c. Most importantly, the challenge of privileged access control within a consolidation environment will be addressed, thus enabling a safe move to greater efficiency.

What you’ll learn

  • Oracle database security issues and how to defend against new risks introduced by Oracle Database 12c and pre-existing architectural vulnerabilities, such as incoming DBlinks
  • Control and audit the use of SYS privilege over a large estate using native tools
  • Use Oracle native audit as an IPS to block threats in real-time
  • Leverage root segregation to secure Oracle DB
  • Secure privileged access control and break-glass sessions
  • Scale automated security controls through Enterprise Manager to a large estate
  • Improve your ability to pass audits and stay compliant

Who this book is for

Protecting Oracle Database 12c is primarily aimed at Oracle database administrators, DBA managers, and security staff who are working to safely and securely implement Oracle Database 12c in their environment. The book especially targets those using privileged access control to enable consolidation and the new cloud features set, including its multi-tenant database capabilities.

About the Author

Paul M. Wright OCP has 14 years experience of Securing Oracle within the World's leading technology and financial institutions. Paul has been credited six times by the Oracle Security Patch for ethically reporting original security improvements he has discovered. Paul instructed Oracle Security for in 2007 and has since published and presented for IOUG/UKOUG. Paul published the first book on database forensics and led the CIS 11g standard policy update. Paul's interests have expanded to include integration, availability and performance aspects and specifically how to optimise these whilst maintaining risk at acceptable levels. Paul's role as Lead Security person for the 12c Beta since March 2012 has focused new work onto securely achieving consolidation, which is the focus of his latest book for Apress.

In this Book

  • Oracle Security History
  • Current State of the Art
  • Extrapolating Current Trends
  • Managing Users in Oracle
  • Oracle Vulnerability Scanning
  • Centralized Native Auditing and IPS
  • Pluggable Database Primer
  • New Security Features in 12C
  • Design Flaws, Fixed and Remaining in 12C
  • Security Issues in 12c
  • Advanced Defense and Forensic Response
  • Privileged Access Control Foundations
  • Privileged Access Control Methods
  • Securing Privileged Access Control Systems
  • Rootkit Checker and Security Monitoring
  • Oracle Security Architecture Foundations
  • Enterprise Manager 12C as a Security Tool
  • Defending Enterprise Manager 12C
  • "The Cloud" and Privileged Access
  • Management and Conclusions