Security Compliance and Data Governance: Dual problems, single solution CON8015
|
|
- Kathryn Eaton
- 2 years ago
- Views:
Transcription
1
2 Security Compliance and Data Governance: Dual problems, single solution CON8015 David Wolf Director of Product Management Oracle Development, Enterprise Manager Steve Ries Senior Systems Architect Technology Services Organization United State Marine Corps Copyright 2014, Oracle and/or its affiliates. All rights reserved.
3 Session: CON8015 Title: Security Compliance and Data Governance: Dual problems, single solution Description: Ensuring your databases comply is standards and sensitive data is protected can be difficult and time consuming task. This session will demonstrate how to use Oracle Enterprise Manager 12c for continuous security compliance auditing of your Oracle databases and underlying infrastructure against configuration standards such as the Department of Defense (DoD) Security Technical Implement Guide (STIG). You ll also learn how the new Data Governance feature can help find unsecured sensitive data throughout your environment and aid your data masking decisions. Copyright 2014, Oracle and/or its affiliates. All rights reserved.
4 Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle s products remains at the sole discretion of Oracle. Copyright 2014, Oracle and/or its affiliates. All rights reserved.
5 Program Agenda Data Governance and Security Compliance Commonalities EM12c Compliance Framework Overview Automated STIG Compliance US Marine Corp EM12c Data Governance Sensitive Data Discovery Conclusion and Q & A Copyright 2014, Oracle and/or its affiliates. All rights reserved.
6 Oracle Database Security Solutions Defense in Depth PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption & Redaction Activity Monitoring Key & Wallet Management Masking & Subsetting Database Firewall Privilege & Data Discovery Privileged User Controls Auditing & Reporting Configuration Management Copyright 2014, Oracle and/or its affiliates. All rights reserved. 6
7 Oracle Database Security Solutions Defense in Depth PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption & Redaction Activity Monitoring Key & Wallet Management Masking & Subsetting Database Firewall Privilege & Data Discovery Privileged User Controls Auditing & Reporting Configuration Management Copyright 2014, Oracle and/or its affiliates. All rights reserved. 7
8 Security Compliance and Data Governance Common Goals Achieve compliance with standards or regulations Manage risk Improve (Data) Security Minimizing or eliminating rework Optimize Staff effectiveness Common Challenges Data centers have thousands of databases some containing sensitive data Enterprises lack enterprise-wide tools to scan databases regularly Limited visibility into compliance status (encryption, masking, database vault) of sensitive data Hard to remediate non-compliance Copyright 2014, Oracle and/or its affiliates. All rights reserved.
9 Security Compliance and Data Governance Common Solution Requirements Highly automated Continuous auditing Proactively alert on findings and issues Provide remediation automation or guidance Provide robust and flexible reporting Data Governance Requirements Security Compliance Copyright 2014, Oracle and/or its affiliates. All rights reserved.
10 Program Agenda Data Governance and Security Compliance Commonalities EM12c Compliance Framework Overview Automated STIG Compliance US Marine Corp EM12c Data Governance Sensitive Data Discovery Conclusion and Q & A Copyright 2014, Oracle and/or its affiliates. All rights reserved.
11 Enterprise Manager Compliance Framework Overview Continuous Configuration Auditing Real-Time File Integrity Monitoring Cloud Scale Ready to use Standards Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle Confidential Internal 11
12 Enterprise Manager Compliance Framework Continuous Configuration Auditing Tightly integrated with configuration collection framework. Evaluation triggered by detected configuration changes. Efficient mechanism vs full scheduled evaluation. Always up to date. Violations automatically cleared after remediation. Alert on each violation or score threshold. Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle Confidential Internal 12
13 Enterprise Manager Compliance Framework Real-Time File Integrity Monitoring Know the who, what and when the change was made. Detect Unauthorized changes automatically. Required for many Industry regulations like PCI. Capable of monitoring users, processes and database actions in addition to files. Oracle provided standards for Critical Oracle Linux and Exadata files. Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle Confidential Internal 13
14 Enterprise Manager Compliance Framework Cloud Scale Efficient re-evaluation on change reduces network and host resource consumption. Standards can be automatically applied using Administrative groups or composite targets ( DBaaS Pools, Application Systems ) New Agent-Side rules control repository growth Summary reporting via BI Publisher Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle Confidential Internal 14
15 Enterprise Manager Compliance Framework Ready to use Compliance Standards and Checks 1000s of Oracle provided Checks ( Rules ) 25+ Standards for Database components ( RAC, SI, Listener, etc ) Based on Oracle s best practices and Security recommendations Customizable to meet Internal best practices 1. Leverage Oracle provided rules matching your own 2. Tailor Oracle provided rules with known exceptions 3. Build custom rules to exactly match requirement Newin Oracle Database 11g STIG Standards Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle Confidential Internal 15
16 Program Agenda Data Governance and Security Compliance Commonalities EM12c Compliance Framework Overview Automated STIG Compliance US Marine Corp EM12c Data Governance Sensitive Data Discovery Conclusion and Q & A Copyright 2014, Oracle and/or its affiliates. All rights reserved.
17 ABOUT THE SPEAKER Steve Ries Senior Systems Architect Technology Services Organization United State Marine Corps October 2, 2014 CSC Proprietary and Confidential
18 About Technology Services Organization Software development and systems integrator of enterprise level pay and personnel systems for the United States Marine Corps and other branches of the military CSC Proprietary and Confidential 18
19 Database Security at Department of Defense STIG Security Technical Implementation Guide A guide for Information Security - a compendium of DoD policies, security regulations and best practices Includes security configurations for OS, database and application servers, network switches, routers, etc Mandated by DOD regulations Current Oracle Database STIG is Version 8 Release CSC Proprietary and Confidential 19
20 Challenge In the DoD, your security posture is determined by your configuration management strategy The database STIG is primarily a manual process. Maintaining proper security posture is similarly manual. Compliance drift Need a solution to automatically check and report on proper security configurations. CSC Proprietary and Confidential 20
21 Our STIG Auditing Automation Evolution Enterprise Manager 12c Version Complete out of the box solution for STIG monitoring Easy to deploy Multiple dimensions in which to view finding data Reporting capabilities Can be used for single-instance and clustered databases Complies with DoD, but any company can use it In House Scripts EM 11g User-Defined Metrics and Policies EM 12c Pre-R4 Custom Configuration Extensions and Rules EM 12c R4 Complete Out of Box Solution CSC Proprietary and Confidential 21
22 Using Oracle STIG Standard See Results in Minutes Deploy to database(s) in 2 steps 1. Select Standard 2. Select Targets Almost immediate results Checks run daily by default Configurable Notification on violation CSC Proprietary and Confidential 22
23 Dealing with Manual Checks Challenge Some checks cannot be automated Need to include status in report Manual Rule Type Define Check to be manually performed Generates single violation per target Must be cleared manually (attested) Clear permanently or temporarily by date User and reason for attestation captured CSC Proprietary and Confidential 23
24 Dealing with Exception and Grace Periods Challenge Some issues require time (Grace period) to address Approved exceptions cannot impact results, but must be reported Violation suppression feature Hide violation from results temporarily or permanently User and reason captured Violation re-appears upon suppression expiration CSC Proprietary and Confidential 24
25 Robust and Flexible Reporting How compliant is my environment? How compliant are we for each finding? CSC Proprietary and Confidential 25
26 Robust and Flexible Reporting How compliant is each database? How compliant is a given database? CSC Proprietary and Confidential 26
27 Robust and Flexible Reporting What are the individual findings? How compliant are we for a given finding? CSC Proprietary and Confidential 27
28 Experiences, Benefits and Gains Consolidated view of your security posture learn in minutes what would have taken hours to compile Manual STIG time 4 to 8 hours per target OEM Compliance Framework < 1 hour Faster checks = tighter security RAC enabled out-of-the-box Future possibility of a comprehensive STIG framework that includes operating systems through SCAP and applications servers such as Weblogic CSC Proprietary and Confidential 28
29 EM Compliance Best Practices Leverage Administrative groups for automated application of standards Configure Notification rules to receive s when new violation detected Clear Manual findings for X months to ensure compliance Leverage Public Views to leverage compliance data in other systems Create custom Operator role removing Manage Target Compliance to reduce list of users capable of suppressing violations. CSC Proprietary and Confidential 29
30 Thank You CSC Proprietary and Confidential October 9,
31 Program Agenda Data Governance and Security Compliance Commonalities EM12c Compliance Framework Overview Automated STIG Compliance US Marine Corp EM12c Data Governance Sensitive Data Discovery Conclusion and Q & A Copyright 2014, Oracle and/or its affiliates. All rights reserved.
32 Enterprise Manager - Sensitive Data Discovery Scan Oracle Database sensitive data Built-in, extensible data definitions Discover application data models Protect sensitive data appropriately encrypt redact mask audit Copyright 2014, Oracle and/or its affiliates. All rights reserved. 32
33 Enterprise Manager Sensitive Data Discovery EM Repository Sensitive Databases Meta-data Discovery Scan Results QA DEV DEV Application Data Model User Review Data Discovery PROD PROD TRNG Enterprise Data Governance allows you to discover, scan and identify databases that may contain sensitive data automatically across your enterprise Shallow Scan Meta data discovery Deep Scan Sensitive data discovery Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle Confidential Internal/Restricted/Highly Restricted 33
34 Enterprise Manager Sensitive Data Discovery How it works Meta-Data Discovery Scans dictionary for sensitive cols Uses monitoring credentials Searches for: Data Discovery Sensitive table and column name patterns Application signatures to identify packaged apps Objects with security protections Samples data and searches for various sensitive data patterns like card number, phone, etc. Requires database credentials Meta-data Discovery Data Discovery Sensitive Columns Data Protection Sensitive Tables Application Signatures Copyright 2014, Oracle and/or its affiliates. All rights reserved.
35 Enterprise Manager Sensitive Data Discovery Configure, Discover, Classify Protection Configure Sensitive type configuration Application Signature configuration Out of the Box Data Protection configuration Discover Metadata Discovery Data Discovery Classify Classify sensitive column types, data protection and application signatures Associate an Application Data Model Data Masking Redaction Encryption Copyright 2014, Oracle and/or its affiliates. All rights reserved.
36 Demonstration Automated Sensitive Data Discovery Copyright 2014, Oracle and/or its affiliates. All rights reserved.
37 Program Agenda Data Governance and Security Compliance Commonalities EM12c Compliance Framework Overview Automated STIG Compliance US Marine Corp EM12c Data Governance Sensitive Data Discovery Conclusion and Q & A Copyright 2014, Oracle and/or its affiliates. All rights reserved.
38 Enterprise Manager The Single Solution For Automated Security Compliance Auditing and Sensitive Data Discovery Highly automated Continuous auditing Proactively alert on findings and issues Automated remediation or guidance Robust and flexible reporting Copyright 2014, Oracle and/or its affiliates. All rights reserved.
39 Learn More On Oracle Technology Network Enterprise Manager-Lifecycle Management Page Copyright 2014, Oracle and/or its affiliates. All rights reserved. 39
40 Join the Conversation Learn more at : oracle.com/enterprisemanager Copyright 2014, Oracle and/or its affiliates. All rights reserved.
41 Copyright 2014, Oracle and/or its affiliates. All rights reserved.
42
Protecting Sensitive Data Reducing Risk with Oracle Database Security
Protecting Sensitive Data Reducing Risk with Oracle Database Security Antonio.Mata.Gomez@oracle.com Information Security Architect Agenda 1 2 Anatomy of an Attack Three Steps to Securing an Oracle Database
Securing Data in Oracle Database 12c
Securing Data in Oracle Database 12c Thomas Kyte http://asktom.oracle.com/ Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks
EXTENDING ACCESS WHILE ENHANCING CONTROL FOR YOUR ORGANIZATION S DATA LEVERAGE THE POWER OF F5 AND ORACLE TO DELIVER SECURE ACCESS TO APPLICATIONS AND DATABASES Hayri Tarhan, Sr. Manager, Public Sector
Forthcoming EU Data Protection Law
Forthcoming EU Data Protection Law How Oracle can Help Patrick McLaughlin Security Architect & Oracle Fellow EMEA Technology Solutions 22 October 2015, Riga Copyright 2014 Oracle and/or its affiliates.
Oracle Enterprise Manager: The Complete Solution and Oracle s Best Kept Secrets [CON9715]
Oracle Enterprise Manager: The Complete Solution and Oracle s Best Kept Secrets [CON9715] Amit Ganesh Vice President Oracle Enterprise Manager Development October, 2015 EM Team: Mark Ramacher, Kurt Engeleiter,
Oracle Database Security Overview
Oracle Database Security Overview Tammy Bednar Sr. Principal Product Manager tammy.bednar@oracle.com Data Security Challenges What to secure? Sensitive Data: Confidential, PII, regulatory
Copyright 2013, Oracle and/or its affiliates. All rights reserved.
1 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any
CON9488 The Enterprise Cloud Simplified with Oracle VM
CON9488 The Enterprise Cloud Simplified with Oracle VM Andy Herm, Senior Architect, Cloud Infrastructure, Oracle Conor Wentz, Senior Architect, Cloud Infrastructure, Oracle Honglin Su, Sr. Director of
MySQL Security: Best Practices
MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
Trust but Verify: Best Practices for Monitoring Privileged Users
Trust but Verify: Best Practices for Monitoring Privileged Users Olaf Stullich, Product Manager (olaf.stullich@oracle.com) Arun Theebaprakasam, Development Manager Chirag Andani, Vice President, Identity
Copyright 2013, Oracle and/or its affiliates. All rights reserved.
1 Security Inside-Out with Oracle Database 12c Denise Mallin, CISSP Oracle Enterprise Architect - Security The following is intended to outline our general product direction. It is intended for information
1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information
1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information Proteggere i dati direttamente nel database Una proposta tecnologica Angelo Maria Bosis Sales Consulting Senior Manager
Complete Database Security. Thomas Kyte http://asktom.oracle.com/
Complete Database Security Thomas Kyte http://asktom.oracle.com/ Agenda Enterprise Data Security Challenges Database Security Strategy Oracle Database Security Solutions Defense-in-Depth Q&A 2 Copyright
Oracle Audit Vault and Database Firewall. Morana Kobal Butković Principal Sales Consultant Oracle Hrvatska
Oracle Audit Vault and Database Firewall Morana Kobal Butković Principal Sales Consultant Oracle Hrvatska The following is intended to outline our general product direction. It is intended for information
The Firewall Audit Checklist Six Best Practices for Simplifying Firewall Compliance and Risk Mitigation
The Firewall Audit Checklist Six Best Practices for Simplifying Firewall Compliance and Risk Mitigation Copyright, AlgoSec Inc. All rights reserved The Need to Ensure Continuous Compliance Regulations
Copyright 2013, Oracle and/or its affiliates. All rights reserved.
1 Solutions for securing and auditing Oracle database Edgars Ruņģis Technology Consultant Why Are Databases Vulnerable? 80% of IT Security Programs Don t Address Database Security Forrester Research Enterprises
Oracle Database 12c Plug In. Switch On. Get SMART.
Oracle Database 12c Plug In. Switch On. Get SMART. Duncan Harvey Head of Core Technology, Oracle EMEA March 2015 Safe Harbor Statement The following is intended to outline our general product direction.
Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach karsten.mueller-corbach@oracle.com
R2 Oracle Privileged Account Manager 11gR2 Karsten Müller-Corbach karsten.mueller-corbach@oracle.com The following is intended to outline our general product direction. It is intended for information purposes
Copyright 2013, Oracle and/or its affiliates. All rights reserved.
1 Security Inside Out Latest Innovations in Oracle Database 12c Jukka Männistö Database Architect Oracle Nordic Coretech Presales The 1995-2014 Security Landscape Regulatory Landscape HIPAA, SOX (2002),
Oracle Database Security. Paul Needham Senior Director, Product Management Database Security
Oracle Database Security Paul Needham Senior Director, Product Management Database Security Safe Harbor Statement The following is intended to outline our general product direction. It is intended for
Measurable Improvements in E-Business Suite Application Management with OEM 12c
Measurable Improvements in E-Business Suite Application Management with OEM 12c January 29, 2014 Copyright 2014. Apps Associates LLC. 1 Welcome Julian Troake Marketing Director Apps Associates LLC Copyright
Safe Harbor Statement
Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment
ORACLE ENTERPRISE MANAGER 10 g CONFIGURATION MANAGEMENT PACK FOR ORACLE DATABASE
ORACLE ENTERPRISE MANAGER 10 g CONFIGURATION MANAGEMENT PACK FOR ORACLE DATABASE CONFIGURATION MANAGEMENT PACK FEATURES Automated discovery of dependency relationships between services, systems and Oracle
Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security
Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous
Copyright 2012, Oracle and/or its affiliates. All rights reserved.
1 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any
Copyright 2012, Oracle and/or its affiliates. All rights reserved.
1 Seguridad en profundidad Jaime Briggs MSc CS, CISSP, CCSK Sales Manager Strategic accounts Agenda Los Controles ISO 27001 Defensa en Profundidad Productos que dan respuesta Roadmap a seguridad Q&A 3
Safe Harbor Statement
Oracle Exadata Monitoring and Management Best Practices Session CON9727 October 26, 2015 Ashish Agrawal, Group Product Manager Swapnil Sinvhal, Sr. Software Dev Manager Oracle Corporation Rick Shawver,
Monitoring, Managing and Supporting Enterprise Clouds with Oracle Enterprise Manager 12c Name, Title Oracle
Monitoring, Managing and Supporting Enterprise Clouds with Oracle Enterprise Manager 12c Name, Title Oracle Complete Cloud Lifecycle Management Optimize Plan Meter & Charge Manage Applications and Business
1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information
1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information The following is intended to outline our general product direction. It is intended for information purposes only,
Assessing PCI Compliance with EMC Software Solutions
Assessing PCI Compliance with EMC Software Solutions Glenn O Donnell Principal Product Marketing Manager Resource Management Software Group Email: odonnell_glenn@emc.com Service Management Soapbox Blog:
Oracle Database Cloud Services OGh DBA & Middleware Day
Oracle Database Cloud Services OGh DBA & Middleware Day Jan van Tiggelen Principal Sales Consultant Oracle Core Technology June 4th, 2015 Safe Harbor Statement The following is intended to outline our
Symantec Control Compliance Suite Standards Manager
Symantec Control Compliance Suite Standards Manager Automate Security Configuration Assessments. Discover Rogue Networks & Assets. Harden the Data Center. Data Sheet: Security Management Control Compliance
Critical Database. Oracle Enterprise Manager Oracle Open World 2010 Presented dby Venkat Tekkalur. Prem Venkatasamy. Principal Technical Architect
Real World Mission Critical Database Monitoring i at AT&T with Oracle Enterprise Manager Oracle Open World 2010 Presented dby Venkat Tekkalur Principal Technical Architect Prem Venkatasamy Director IT
An AlgoSec Whitepaper MANAGE SECURITY AT THE SPEED OF BUSINESS
An AlgoSec Whitepaper MANAGE SECURITY AT THE SPEED OF BUSINESS The Need to Ensure Continuous Compliance More Regulations and standards relating to information security, such as the Payment Card Industry
AUTOMATING AUDITS AND ENSURING CONTINUOUS COMPLIANCE WITH ALGOSEC
AUTOMATING AUDITS AND ENSURING CONTINUOUS COMPLIANCE WITH ALGOSEC MANAGE SECURITY AT THE SPEED OF BUSINESS AlgoSec Whitepaper Simplifying PCI-DSS Audits and Ensuring Continuous Compliance with AlgoSec
IBM PowerSC. Security and compliance solution designed to protect virtualized datacenters. Highlights. IBM Systems and Technology Data Sheet
IBM PowerSC Security and compliance solution designed to protect virtualized datacenters Highlights Simplify security management and compliance measurement Reduce administration costs of meeting compliance
Strategies for Monitoring Large Data Centers with Oracle Enterprise Manager. Ana McCollum Consulting Product Manager
Strategies for Monitoring Large Data Centers with Oracle Enterprise Manager Ana McCollum Consulting Product Manager The following is intended to outline our general product direction. It is intended for
Oracle Enterprise Manager 12c
Oracle Enterprise Manager 12c CON8243 - Enterprise Manager 12c Security Cookbook: Best Practices for Large Datacenters Maureen Byrne Product Management, Oracle Marleen Gebraad, Rabobank Nagaraj Krishnappa
Oracle: Database and Data Management Innovations with CERN Public Day
Presented to Oracle: Database and Data Management Innovations with CERN Public Day Kevin Jernigan, Oracle Lorena Lobato Pardavila, CERN Manuel Martin Marquez, CERN June 10, 2015 Copyright 2015, Oracle
Credit Cards and Oracle: How to Comply with PCI DSS. Stephen Kost Integrigy Corporation Session #600
Credit Cards and Oracle: How to Comply with PCI DSS Stephen Kost Integrigy Corporation Session #600 Background Speaker Stephen Kost CTO and Founder 16 years working with Oracle 12 years focused on Oracle
An Oracle White Paper June 2009. Oracle Database 11g: Cost-Effective Solutions for Security and Compliance
An Oracle White Paper June 2009 Oracle Database 11g: Cost-Effective Solutions for Security and Compliance Protecting Sensitive Information Information ranging from trade secrets to financial data to privacy
Oracle Database Security Services
Oracle Database Security Services BUSINESS CHALLENGES Public announcements of major IT security breaches have become an almost daily occurrence. The causes of publicized breaches are diverse and include
Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds.
ENTERPRISE MONITORING & LIFECYCLE MANAGEMENT Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid
Real-Time Database Protection and. Overview. 2010 IBM Corporation
Real-Time Database Protection and Monitoring: IBM InfoSphere Guardium Overview Agenda Business drivers for database security InfoSphere Guardium architecture Common applications The InfoSphere portfolio
Total Cloud Control with Oracle Enterprise Manager 12c. Kevin Patterson, Principal Sales Consultant, Enterprise Manager Oracle
Total Cloud Control with Oracle Enterprise Manager 12c Kevin Patterson, Principal Sales Consultant, Enterprise Manager Oracle 2 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert
Vistara Lifecycle Management
Vistara Lifecycle Management Solution Brief Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid
Managing Oracle E-Business Suite Security
Managing Oracle E-Business Suite Security Erik Graversen, Senior Principal Software Developer Elke Phelps, Senior Principal Product Manager Oracle E-Business Suite Applications Technology Oracle Open World,
Total Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
Maintaining PCI-DSS compliance. Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com
Maintaining PCI-DSS compliance Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com Sessione di Studio Milano, 21 Febbraio 2013 Agenda 1 Maintaining PCI-DSS compliance
Report: Symantec Solutions for Federal Government: CyberScope
CyberScope and Tighter Cybersecurity y Reporting Requirements: Are You Ready? Report: Symantec Solutions for Federal Government: CyberScope CyberScope and Tighter Cybersecurity y Reporting Requirements:
SafeNet DataSecure vs. Native Oracle Encryption
SafeNet vs. Native Encryption Executive Summary Given the vital records databases hold, these systems often represent one of the most critical areas of exposure for an enterprise. Consequently, as enterprises
Oracle Database Public Cloud Services
Oracle Database Public Cloud Services A Strategy and Technology Overview Bob Zeolla Principal Sales Consultant Oracle Education & Research November 23, 2015 Safe Harbor Statement The following is intended
Minder Network Performance Monitoring
Minder Network Performance Monitoring Monitor everything about your Network performance Discover, visualize and monitor your complete IT Infrastructure in less than an hour. Mindarray s Minder is a powerful
Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking
Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking SUMMARY The Payment Card Industry Data Security Standard (PCI DSS) defines 12 high-level security requirements directed
An Oracle White Paper June, 2014. Strategies for Scalable, Smarter Monitoring using Oracle Enterprise Manager Cloud Control 12c
An Oracle White Paper June, 2014 Strategies for Scalable, Smarter Monitoring using Oracle Enterprise Manager Cloud Control 12c Product Overview... 1 Introduction... 1 Laying the Groundwork for Monitoring...
Oracle Cloud Update November 2, 2015. Eric Frank Oracle Sales Consultant. Copyright 2014 Oracle and/or its affiliates. All rights reserved.
Oracle Cloud Update November 2, 2015 Eric Frank Oracle Sales Consultant Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
NEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015
NEXPOSE ENTERPRISE METASPLOIT PRO Effective Vulnerability Management and validation March 2015 KEY SECURITY CHALLENGES Common Challenges Organizations Experience Key Security Challenges Visibility gaps
Vulnerability Management
Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
Database Security & Compliance with Audit Vault and Database Firewall. Pierre Leon Database Security
Database Security & Compliance with Audit Vault and Database Firewall Pierre Leon Database Security 1 Topics Encryption Authentication Authorising highly privileged users Access control by data classification
Oracle Database Security
Oracle Database Security Paul Needham, Senior Director, Product Management, Database Security Target of Data Breaches 2010 Data Breach Investigations Report Type Category % Breaches
Using Oracle Enterprise Manager Effectively to Become an Oracle Enterprise Manager Champion CON9711 Oracle Open World 2015
Using Oracle Enterprise Manager Effectively to Become an Oracle Enterprise Manager Champion CON9711 Oracle Open World 2015 Courtney Llamas (Oracle) Tyler Sharp (Cerner) Steve Meredith (Boeing) Joseph Kopilash
1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information
1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information The following is intended to outline our general product direction. It is intended for information purposes only,
APPLICATION MANAGEMENT SUITE FOR SIEBEL APPLICATIONS
APPLICATION MANAGEMENT SUITE FOR SIEBEL APPLICATIONS USER EXPERIENCE MANAGEMENT SERVICE LEVEL OBJECTIVE REAL USER MONITORING SYNTHETIC USER MONITORING SERVICE TEST KEY PERFORMANCE INDICATOR PERFORMANCE
APPLICATION COMPLIANCE AUDIT & ENFORCEMENT
TELERAN SOLUTION BRIEF Building Better Intelligence APPLICATION COMPLIANCE AUDIT & ENFORCEMENT For Exadata and Oracle 11g Data Warehouse Environments BUILDING BETTER INTELLIGENCE WITH BI/DW COMPLIANCE
Lumeta IPsonar. Active Network Discovery, Mapping and Leak Detection for Large Distributed, Highly Complex & Sensitive Enterprise Networks
IPsonar provides visibility into every IP asset, host, node, and connection on the network, performing an active probe and mapping everything that's on the network, resulting in a comprehensive view of
LogInspect 5 Product Features Robust. Dynamic. Unparalleled.
LogInspect 5 Product Features Robust. Dynamic. Unparalleled. Enjoy ultra fast search capabilities in simple and complex modes optimized for Big Data Easily filter and display relevant topics, eg: Top 10
Enterprise Security Solutions
Enterprise Security Solutions World-class technical solutions, professional services and training from experts you can trust ISOCORP is a Value-Added Reseller (VAR) and services provider for best in class
Best Practices for Monitoring Exadata Enterprise Manager Cloud Control 12c
Best Practices for Monitoring Exadata Enterprise Manager Cloud Control 12c Farouk Abushaban Senior Principal Technical Analyst Oracle USA, Engineered Systems Support September, 2014 Copyright 2014, Oracle
Copyright 2014 Oracle and/or its affiliates. All rights reserved.
Copyright 2014 Oracle and/or its affiliates. All rights reserved. Oracle Data Masking and Subsetting Oracle Advanced Security Best Practices for Database Encryption and Redaction Todd Bottger Sr. Principal
Oracle Identity Management Securing The New Digital Experience
Oracle Identity Management Securing The New Digital Experience Security: User Single Sign-On, Certifying User Access, and Masking Sensitive Data Henry Anzarouth Principal Sales Consultant, Security and
20 Critical Security Controls
WHITE PAPER June 2012 20 Critical Security Controls How CA Technologies can help federal agencies automate compliance processes Philip Kenney CA Security Management Table of Contents Executive Summary
Agio Remote Monitoring and Management
Remote Monitoring and Management s Remote Monitoring & Management is a 24x7x365 service in which we proactively manage your infrastructure and IT environment to make sure it s in a healthy state and stays
LogPoint 5.1 Product Features Robust. Dynamic. Unparalleled.
LogPoint 5.1 Product Features Robust. Dynamic. Unparalleled. LOGPOINT Enjoy ultra fast search capabilities in simple and complex modes optimized for Big Data Easily filter and display relevant topics,
HP Server Automation Standard
Data sheet HP Server Automation Standard Lower-cost edition of HP Server Automation software Benefits Time to value: Instant time to value especially for small-medium deployments Lower initial investment:
Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
Kaseya Traverse. Kaseya Product Brief. Predictive SLA Management and Monitoring. Kaseya Traverse. Service Containers and Views
Kaseya Product Brief Kaseya Traverse Predictive SLA Management and Monitoring Kaseya Traverse Traverse is a breakthrough cloud and service-level monitoring solution that provides real time visibility into
Monitoring, Managing and Supporting Enterprise Clouds with Oracle Enterprise Manager 12c Jan van Tiggelen, Senior Sales Consultant Oracle
Monitoring, Managing and Supporting Enterprise Clouds with Oracle Enterprise Manager 12c Jan van Tiggelen, Senior Sales Consultant Oracle Complete Cloud Lifecycle Management Optimize Plan Meter & Charge
Symantec's Continuous Monitoring Solution
Preparing for FISMA 2.0 and Continuous Monitoring Requirements Symantec's Continuous Monitoring Solution White Paper: Preparing for FISMA 2.0 and Continuous Monitoring Requirements Contents Introduction............................................................................................
Deploying a Private Cloud with the Oracle Cloud Platform; Customer Case Study.
Deploying a Private Cloud with the Oracle Cloud Platform; Customer Case Study. [CON1980] 27-October-2015 Peter Mars Oracle Advanced Customer Support, Technical Account Manager Oracle Advanced Customer
SecureGRC TM - Cloud based SaaS
- Cloud based SaaS Single repository for regulations and standards Centralized repository for compliance related organizational data Electronic workflow to speed up communications between various entries
Payment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
Delivering Cost Effective IT Services
M2 Technology Delivering Cost Effective IT Services Defense agencies have been directed to move towards cloud and shared service models by the Federal Data Center Consolidation Initiative (FDCCI), the
8 Key Requirements of an IT Governance, Risk and Compliance Solution
8 Key Requirements of an IT Governance, Risk and Compliance Solution White Paper: IT Compliance 8 Key Requirements of an IT Governance, Risk and Compliance Solution Contents Introduction............................................................................................
PCI Compliance for Cloud Applications
What Is It? The Payment Card Industry Data Security Standard (PCIDSS), in particular v3.0, aims to reduce credit card fraud by minimizing the risks associated with the transmission, processing, and storage
Data Security: Strategy and Tactics for Success
Data Security: Strategy and Tactics for Success DatabaseVisions,Inc. Fairfax, Va Oracle Gold Partner Solution Provider Oracle Security Specialized www.databasevisions.com Overview Cloud Computing presents
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into
1 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any
SOFTWARE ASSET MANAGEMENT Continuous Monitoring. September 16, 2013
SOFTWARE ASSET MANAGEMENT Continuous Monitoring September 16, 2013 Tim McBride National Cybersecurity Center of Excellence timothy.mcbride@nist.gov David Waltermire Information Technology Laboratory david.waltermire@nist.gov
How to Set Up and Use PeopleSoft Procurement and Supplier Contracts
How to Set Up and Use PeopleSoft Procurement and Supplier Contracts Keith Olander Director Product Management SCM PeopleSoft Copyright 2014 Oracle and/or its affiliates. All rights reserved. Oracle Confidential
Oracle Enterprise Manager 12c New Capabilities for the DBA. Charlie Garry, Director, Product Management Oracle Server Technologies
Oracle Enterprise Manager 12c New Capabilities for the DBA Charlie Garry, Director, Product Management Oracle Server Technologies of DBAs admit doing nothing to address performance issues CHANGE AVOID
SNOW SOFTWARE. Fredrik Spolén Country Manager Sales Director. Norway Denmark Finland
SNOW SOFTWARE Fredrik Spolén Country Manager Sales Director Norway Denmark Finland AGENDA FOR TODAY Introduction to SAM and Snow 4 th Generation SAM Snow SAM Platform Questions and Answers LACK OF SAM
EMC Data Protection Advisor 6.0
White Paper EMC Data Protection Advisor 6.0 Abstract EMC Data Protection Advisor provides a comprehensive set of features to reduce the complexity of managing data protection environments, improve compliance
APPLICATION MANAGEMENT SUITE FOR ORACLE E-BUSINESS SUITE APPLICATIONS
APPLICATION MANAGEMENT SUITE FOR ORACLE E-BUSINESS SUITE APPLICATIONS Oracle Application Management Suite for Oracle E-Business Suite delivers capabilities that helps to achieve high levels of application
ORACLE CLOUD MANAGEMENT PACK FOR ORACLE DATABASE
ORACLE CLOUD MANAGEMENT PACK FOR ORACLE DATABASE Oracle Enterprise Manager is Oracle s integrated enterprise IT management product line, and provides the industry s first complete cloud lifecycle management
Boosting enterprise security with integrated log management
IBM Software Thought Leadership White Paper May 2013 Boosting enterprise security with integrated log management Reduce security risks and improve compliance across diverse IT environments 2 Boosting enterprise
Private Cloud or Bust: Oracle WebLogic Server and Oracle Enterprise Manager
Private Cloud or Bust: Oracle WebLogic Server and Oracle Enterprise Manager Mike Lehmann Vice President Product Management WebLogic Server, Coherence, Java Cloud Services Henrik Blixt Director of Product
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture
Oracle Enterprise Manager 12c Cloud Control for Managing Oracle E-Business Suite 12.2
Oracle Enterprise Manager 12c Cloud Control for Managing Oracle E-Business Suite 12.2 Angelo Rosado Senior Principal Product Manager Oracle E-Business Suite Development, Applications Technology Group September
Auditing Data Access Without Bringing Your Database To Its Knees
Auditing Data Access Without Bringing Your Database To Its Knees Black Hat USA 2006 August 1-3 Kimber Spradlin, CISA, CISSP, CPA Sr. Manager Security Solutions Dale Brocklehurst Sr. Sales Consultant Agenda
Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals
Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals November 13, 2014 Michael Miller Chief Security Officer Integrigy Corporation Stephen Kost Chief Technology Officer