The Myth of Hacking Oracle
Peter Kestner
Technology Director – Database Security
Oracle Core Technology EMEA
More data than ever…

Growth doubles yearly; 1,800 exabytes (chart axis: 2006 to 2011)

Source: IDC, 2008

More breaches than ever…

Data breach: once exposed, the data is out there – the bell can’t be un-rung

Publicly reported data breaches: 630% increase
(chart: total personally identifying information records exposed, in millions)

Source: DataLossDB, 2009

More threats than ever…

More Regulations Than Ever…

Sarbanes-Oxley, GLBA, PCI, HIPAA, FISMA, Breach Disclosure, PIPEDA, SAS 70, COBIT,
ISO 17799, Basel II, EU Data Directives, UK/PRO, Euro SOX, K SOX, J SOX, AUS/PRO

90% of companies are behind in compliance

Source: IT Policy Compliance Group, 2009.

Market Overview: IT Security In 2009



There has been a clear and significant shift from what was
the widely recognized state of security just a few years ago.
Protecting the organization's information assets is the top
issue facing security programs: data security (90%) is most
often cited as an important or very important issue for IT
security organizations, followed by application security (86%).

The Myth of Hacking Oracle


         WHERE
         WHO
         HOW
         PROTECTION
Where do the attacks come from?

20% external
80% internal

Source: Verizon Data Breach Report 2009

Official Statistics: Industry relation

Source: Verizon Data Breach Report 2009

The Myth of Hacking Oracle

         WHERE
         WHO
         HOW
         PROTECTION
Who is attacking us?

Hack3rs: 20 %
Insiders: 80 %

Short Facts (internal & external)

87 % of all databases are compromised via the operating system

80 % of the damage is caused by insiders

Only 1 % of all professional hacks are recognized

10 % of all “standard hacks” are made public

Highscore List (external)

                                             Source: Black Hat Convention 2008

 40sec       Windows XP SP2

 55sec       Windows Vista

 63sec       Windows NT4.0 WKST, SP4

 70sec       Windows 2003 Server

 140sec       Linux Kernel 2.6.

 190sec       Sun Solaris 5.9 with rootkit
 ...
 List also includes AIX, HPUX, OS2, OSX, IRIX, …

Shopping List 2007/2008 (external)
                                  Source: heise security, DEFCON 2008, BlackHat 2008




50.000 $ Windows Vista Exploit (4000$ for WMF Exploit in Dec2005)
     7 $ per ebay-Account
20.000 $ medium size BOT network
30.000 $ unknown security holes in well known applications
 25-60 $ per 1000 BOT clients / week
Crisis Shopping List 2009 (external)
                                    Source: heise security, DEFCON 2009, BlackHat 2009




100.000 $ Destruction of competitor image
250.000 $ Full internal competitor database
     25 $ per credit card account (+sec code + valid date)
 20.000 $ medium size BOT network (buy or rent)
   2000 $ stolen VPN connection
   5000 $ contact to “turned around” insider
Insider examples !!!

European headlines 2008/2009:
- lost top secret document about Al Qaeda (public train)
- stolen data of thousand prisoners and prison guards
- personal information of 70 million people lost on unencrypted DVDs
- bank employee gambled with 5.4 billion US$
- 88% of admins would steal sensitive corporate information
- Industrial espionage by insiders increased dramatically
- biggest criminal network (RBN) still operating
- Thousands of pieces of hardware equipment stolen @ US Army
- US Army lost 50.000 personal data records of former soldiers
- China's „Red Dragon“ organization cracked German government network
- Liechtenstein affair – Insider vs. Secret Service
- ...

Insider Threat

  The outsourcing and off-shoring trend is now becoming a
  governmental problem (judgement decision)

  Large percentage of threats go undetected
         - huge internal know-how
         - powerful privileges
         - track cleaning
         - „clearance“ problem
         - foreign contact persons / turnovers

  Easier exchange of sensitive data
  (hacker‘s eBay, RBN, parallel internet, dead postboxes...)

Official Statistics: Relation internal / external

Source: Verizon Data Breach Report 2009

Official Statistics: 3 years development

Chart annotation: Partner ?!

Source: Verizon Data Breach Report 2009

The Myth of Hacking Oracle

         WHERE
         WHO
         HOW
         PROTECTION
How we get attacked

- Active hack / Passive hack
- Internal hack / External hack
- Technical hack / Nontechnical hack

Callout beside internal / external: over 80% of all hacks are done from internal.
Callout beside technical / nontechnical: at the moment one of the most dangerous and effective methods in the scene.

How we get attacked -- REALITY

- Standard configuration
- Misconfiguration
- Misunderstanding of security
- Human errors
- Process/workflow errors
- “Old” versions / no patches
- Known/published holes/bugs/workarounds
- Downloadable cracking software (script kiddies)

- Real hacks/cracks

The Myth of Hacking Oracle

         WHERE
         WHO
         HOW
         PROTECTION
Protection

> 90% of our security problems could be solved

Think …


    Security is a „race“, if you stop running you‘ll lose

    Security IS NOT a product; it‘s an ongoing living process

    Train your employees

    Security IS an intelligent combination of several areas
    -> „Big picture“

    Focus on your data, not only on the technology

    Start with the basics
Think about Solutions…

Problem
•   External attackers
•   Internal threats
•   Image damage
•   Internal security regulations
•   Regulatory compliance
•   ...

Oracle Solution
•   Separation of duties
•   Insider threat protection
•   Strong access authentication
•   Strong encryption (DB/OS/Net)
•   Fine-grained real-time external auditing
•   Data consolidation control
•   High availability + security combination

Oracle Security Product
•   Advanced Security Options (ASO)
•   Network encryption
•   Transparent data encryption
•   Strong authentication
•   Database Vault
•   Audit Vault
•   Secure Backup
•   Virtual Private Database (VPD)
•   Oracle Label Security (OLS)
•   Data Masking
•   Total Recall

Legend: Oracle Differentiator / no competition

Database Defense-in-Depth

Monitoring
• Configuration Management
• Audit Vault
• Total Recall

Access Control
• Database Vault
• Label Security

Encryption & Masking
• Advanced Security
• Secure Backup
• Data Masking
Histor y of HAM Radio presentation slidevu2urc
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 

Kürzlich hochgeladen (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

Thy myth of hacking Oracle

  • 1. Thy myth of hacking Oracle. Peter Kestner, Technology Director – Database Security, Oracle Core Technology EMEA
  • 2. More data than ever… Growth Doubles Yearly. 1,800 Exabytes. 2006 / 2011. Source: IDC, 2008
  • 3. More breaches than ever… Data Breach: Once exposed, the data is out there – the bell can’t be un-rung. Publicly reported data breaches: 630% increase. Total Personally Identifying Information Records Exposed (Millions). Source: DataLossDB, 2009
  • 4. More threats than ever…
  • 5. More Regulations Than Ever… UK/PRO, PIPEDA, EU Data Directives, Sarbanes-Oxley, GLBA, PCI, Basel II, Breach Disclosure, FISMA, K SOX, Euro SOX, J SOX, HIPAA, ISO 17799, SAS 70, COBIT, AUS/PRO. 90% Companies behind in compliance. Source: IT Policy Compliance Group, 2009.
  • 6. Market Overview: IT Security In 2009. There has been a clear and significant shift from what was the widely recognized state of security just a few years ago. Protecting the organization's information assets is the top issue facing security programs: data security (90%) is most often cited as an important or very important issue for IT security organizations, followed by application security (86%).
  • 7. The Myth of Hacking Oracle WHERE WHO HOW PROTECTION
  • 8. Where do the attacks come from? 20% External, 80% Internal. Source: Verizon Data Breach Report 2009
  • 9. Official Statistics: Industry relation. Source: Verizon Data Breach Report 2009
  • 10. The Myth of Hacking Oracle WHERE WHO HOW PROTECTION
  • 11. Who is attacking us? Hack3rs 20 %, Insiders 80 %
  • 12. Short Facts (internal & external): 87 % of all databases are compromised over the operating system; 80 % of the damage is caused by insiders; only 1 % of all professional hacks are recognized; 10 % of all “standard hacks” are made public
  • 13. Highscore List (external). Source: Black Hat Convention 2008. 40sec Windows XP SP2; 55sec Windows Vista; 63sec Windows NT4.0 WKST, SP4; 70sec Windows 2003 Server; 140sec Linux Kernel 2.6.; 190sec Sun Solaris 5.9 with rootkit; ... List also includes AIX, HPUX, OS2, OSX, IRIX, …
  • 14. Shopping List 2007/2008 (external). Source: heise security, DEFCON 2008, BlackHat 2008. 50.000 $ Windows Vista Exploit (4000$ for WMF Exploit in Dec2005); 7 $ per ebay-Account; 20.000 $ medium size BOT network; 30.000 $ unknown security holes in well known applications; 25-60 $ per 1000 BOT clients / week
  • 15. Crisis Shopping List 2009 (external). Source: heise security, DEFCON 2009, BlackHat 2009. 100.000 $ Destruction of competitor image; 250.000 $ Full internal competitor database; 25 $ per credit card account (+sec code + valid date); 20.000 $ medium size BOT network (buy or rent); 2000 $ stolen VPN connection; 5000 $ contact to “turned around” insider
  • 16. Hack3rs 20 %, Insiders 80 %
  • 17. Insider examples !!! European headlines 2008/2009: - lost top secret document about Al Qaeda (public train) - stolen data of thousand prisoners and prison guards - personal information of 70Mio people unencrypted on DVDs lost - bank employee gambled with 5.4Bio US$ - 88% of admins would steal sensitive corporate information - Industry espionage by insiders increased dramatically - biggest criminal network (RBN) still operating - Thousands of stolen hardware equipment @ US Army - US Army lost 50.000 personal data of former soldiers - China's “Red Dragon” organization cracked German gov network - Liechtenstein affair – Insider vs. Secret Service - ..
  • 18. Insider Threat. The outsourcing and off-shoring trend is now becoming a governmental problem (judgement decision). Large percentage of threats go undetected: - huge internal know how - powerful privileges - track cleaning - “clearance” problem - foreign contact persons / turnovers. Easier exchange of sensitive data (hacker's ebay, RBN, parallel internet, dead postboxes...)
  • 19. Official Statistics Relation internal / external Source: Verizon Data Breach Report 2009
  • 20. Official Statistics 3 years development Partner ?! Source: Verizon Data Breach Report 2009
  • 21. The Myth of Hacking Oracle WHERE WHO HOW PROTECTION
  • 22. How we get attacked: Active Hack / Passive Hack; Internal Hack / External Hack (over 80% of all hacks are done from internal); Technical Hack / Nontechnical Hack (at the moment one of the most dangerous and effective methods in the scene)
  • 23. How we get attacked -- REALITY: - Standard configuration - Misconfiguration - Misunderstanding of security - Human errors - Process/Workflow errors - “old” versions / no patches - Known/published holes/bugs/workarounds - Downloadable cracking software (script kiddies) - Real hacks/cracks
  • 24. The Myth of Hacking Oracle WHERE WHO HOW PROTECTION
  • 25. Protection: > 90% of our security problems could be solved
  • 26. Think … Security is a “race”: if you stop running, you'll lose. Security IS NOT a product; it's an ongoing living process. Train your employees. Security IS an intelligent combination of more areas -> “Big picture”. Focus on your data, not only on the technology. Start with the basics.
  • 27. Think about Solutions… Problem: External Attackers; Internal Threats; Image Damage; Internal Security Regulations; Regulatory Compliances; .. Oracle Solution: Separation of duties; Insider threat protection; Strong access authentication; Strong encryption (DB/OS/Net); Fine grained real time external auditing; Data consolidation control; High availability + Security combination. Oracle Security Product: Advanced Security Options (ASO); Network encryption; Transparent data encryption; Strong authentication; Database Vault; Audit Vault; Secure Backup; Virtual Private Database (VPD); Oracle Label Security (OLS); Data Masking; Total Recall. Legend: Oracle Differentiator / no competition
  • 28. Database Defense-in-Depth. Monitoring: Configuration Management, Audit Vault, Total Recall. Access Control: Database Vault, Label Security. Encryption & Masking: Advanced Security, Secure Backup, Data Masking. Oracle Confidential