Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Transcription:

Solutions for securing and auditing Oracle database
Edgars Ruņģis, Technology Consultant

Why Are Databases Vulnerable?
80% of IT Security Programs Don't Address Database Security
Forrester Research
Enterprises are taking on risks that they may not even be aware of. Especially as more and more attacks against databases exploit legitimate access by compromising applications and user credentials.
[Diagram labels: Network Security, Authentication & User Security, Email Security, Database Security, SIEM, Endpoint Security]

Is perimeter-based defense effective enough for databases?

Considerations for Maximum Security
Preventive and Detective Controls

Encryption is the Foundation
Preventive Control for Oracle Databases
Advanced Security
- Encrypts tablespaces or columns
- Prevents access to data at rest
- Built-in two-tier key management
- Requires no application changes
- Near-zero overhead with hardware
- Integrated with Oracle technologies: log files, Compression, ASM, DataPump
[Diagram labels: Applications, Disk, Backups, Exports, Off-Site Facilities]

Redaction of Sensitive Data Displayed
Preventive Control for Oracle Database
Advanced Security
- Real-time redaction of application data based upon user name, IP, application context, and other session factors
- Full, partial, fixed redaction
- Library of redaction policies and point-and-click policy definition
- Transparent to typical applications
- No impact on operational activities
[Diagram: stored credit card numbers (4451-2172-9841-4368, 5106-8395-2095-5938, 7830-0032-0294-1827) pass through a Redaction Policy; the Call Center Application sees xxxx-xxxx-xxxx-4368, the Billing Department sees 4451-2172-9841-4368]

Application Screen Before Redacting

Application Screens After Redacting

DBMS_REDACT.ADD_POLICY(
  object_schema => 'CALLCENTER',
  object_name   => 'CUSTOMERS',
  column_name   => 'SSN'...
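A complete form of the policy call the slide truncates, shown as an added example rather than code from the presentation. The schema, table and column come from the slide; the policy name, the BILLING account and the assumption that SSN is a VARCHAR2 column formatted as 123-45-6789 are illustrative.

```sql
-- Added example. Assumes CALLCENTER.CUSTOMERS.SSN is VARCHAR2 ('123-45-6789').
-- REDACT_CUSTOMER_SSN and the BILLING account are hypothetical names.
BEGIN
  DBMS_REDACT.ADD_POLICY(
    object_schema       => 'CALLCENTER',
    object_name         => 'CUSTOMERS',
    column_name         => 'SSN',
    policy_name         => 'REDACT_CUSTOMER_SSN',
    function_type       => DBMS_REDACT.PARTIAL,
    -- Predefined shortcut: mask the first five digits, keep the last four.
    function_parameters => DBMS_REDACT.REDACT_US_SSN_F5,
    -- Redact for every session except the billing account.
    expression          => 'SYS_CONTEXT(''USERENV'',''SESSION_USER'') != ''BILLING''');
END;
/

-- Check 1: the policy exists, is enabled, and carries the expected condition.
SELECT object_owner, object_name, policy_name, expression, enable
  FROM redaction_policies
 WHERE object_owner = 'CALLCENTER'
   AND object_name  = 'CUSTOMERS';

-- Check 2: which columns are redacted and with which function.
SELECT column_name, function_type, function_parameters
  FROM redaction_columns
 WHERE object_owner = 'CALLCENTER'
   AND object_name  = 'CUSTOMERS';

-- Check 3: accounts that bypass every redaction policy in the database.
-- Anything listed here sees clear-text SSNs regardless of the expression.
SELECT grantee
  FROM dba_sys_privs
 WHERE privilege = 'EXEMPT REDACTION POLICY';
```

Redaction changes only what a query returns; the stored value is unchanged, so it complements encryption and access control instead of replacing them.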

Masking Data for Non-Production Use
Preventive Control for Oracle and non-Oracle Databases
Oracle Data Masking
- Replace sensitive application data
- Extensible template library and formats
- Referential integrity detected/preserved
- Application templates
- Integrates with Subsetting and Real Application Testing

Production:
LAST_NAME    SSN           SALARY
AGUILAR      203-33-3234   40,000
BENSON       323-22-2943   60,000

Non-Production (Test, Dev):
LAST_NAME    SSN           SALARY
ANSKEKSL     323-23-1111   40,000
BKJHHEIEDK   252-34-1345   60,000

Oracle Database Vault
Privileged User and Operational Controls
- Limit default powers of privileged users
- Enforce policy rules inside the database
- Violations audited, secured and sent to Oracle Audit Vault
- No application changes required
[Diagram labels: Procurement, Application, HR, Finance; DBA issuing "select * from finance.customers"]

Oracle Database Vault Realms
Block DBA Privileges
- Block privileged database users from accessing application data
- Block threats from compromised privileged accounts
- Block application users from accessing other applications inside the same database
- Provide additional security check before allowing authorized users to access application data
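A sketch of a realm that produces the behaviour described on the two Database Vault slides, added here as an example and not taken from the presentation. The FINANCE schema comes from the slide's query; the realm name and the FINANCE_APP account are assumptions, and the block must be run by an account holding the DV_OWNER or DV_ADMIN role.

```sql
-- Added example. 'Finance Realm' and FINANCE_APP are hypothetical names.
BEGIN
  -- Create an enabled realm that audits every failed access attempt.
  DBMS_MACADM.CREATE_REALM(
    realm_name    => 'Finance Realm',
    description   => 'Protects application data in the FINANCE schema',
    enabled       => DBMS_MACUTL.G_YES,
    audit_options => DBMS_MACUTL.G_REALM_AUDIT_FAIL);

  -- Put every object owned by FINANCE inside the realm.
  DBMS_MACADM.ADD_OBJECT_TO_REALM(
    realm_name   => 'Finance Realm',
    object_owner => 'FINANCE',
    object_name  => '%',
    object_type  => '%');

  -- Authorize only the application account as a realm participant.
  DBMS_MACADM.ADD_AUTH_TO_REALM(
    realm_name   => 'Finance Realm',
    grantee      => 'FINANCE_APP',
    auth_options => DBMS_MACUTL.G_REALM_AUTH_PARTICIPANT);
END;
/

-- Review: who is authorized in the realm. Unexpected grantees here
-- defeat the separation between DBAs and application data.
SELECT realm_name, grantee, auth_options
  FROM dvsys.dba_dv_realm_auth
 WHERE realm_name = 'Finance Realm';

-- Review: which objects the realm actually covers.
SELECT realm_name, owner, object_name, object_type
  FROM dvsys.dba_dv_realm_object
 WHERE realm_name = 'Finance Realm';

-- Expected effect: a DBA with SELECT ANY TABLE who is not authorized in the
-- realm now gets ORA-01031 (insufficient privileges) on the slide's query,
-- and the failed attempt is written to the Database Vault audit trail.
-- SELECT * FROM finance.customers;
```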

Audit Database Activity
Detective Control for Oracle and non-Oracle Databases
Oracle Audit Vault and Database Firewall
- Collect, analyze audit/event data
- Centralized secure repository
- Consolidated multi-source reporting
- Out-of-the-box and custom reports
- Fine-grain separation of duties
- Secure, scalable software appliance
[Diagram labels: SOC, Auditor, Alerts, Reports, Policies, Audit Vault, Audit Data & Event Logs, OS & Storage, Directories, Databases, Custom]

Database Activity Monitoring and Firewall
Detective Control for Oracle and non-Oracle Databases
Oracle Audit Vault and Database Firewall
- Monitor network traffic, detect and block unauthorized database activity
- Detect/stop SQL injection attacks
- Highly accurate SQL grammar analysis
- Whitelist approach to enforce activity
- Blacklists for managing high risk activity
- Scalable secure software appliance
[Diagram labels: Users, Apps; Allow, Log, Alert, Substitute, Block; SQL Analysis, Whitelist, Blacklist, Policy Factors]

Oracle Audit Vault and Database Firewall
Detective Control for Oracle and non-Oracle Databases
[Diagram labels: Users, Database Firewall, Firewall Events, Alerts, Reports, Policies, Audit Data, Operating Systems, File Systems, Directories, Custom Audit Data, Audit Vault]

Configuration Management
Administrative Control for Oracle Databases
Oracle Database Lifecycle Management
- Discover and classify databases
- Scan for secure configuration
- Follow compliance frameworks
- Detect unauthorized changes
- Patching and provisioning
[Diagram labels: Discover, Scan & Monitor, Patch]

Oracle Maximum Security Architecture
Core Components
[Diagram labels: Users, Apps; Advanced Security Data Redaction; Database Vault Privilege Analysis; Database Firewall (Events, Alerts); Data Masking; Advanced Security TDE; Database Vault Privileged User Controls; Audit Vault (Reports, Policies); Audit Data & Event Logs; Databases, OS & Storage, Directories, Custom]

Oracle Database Security Resources
www.oracle.com/database/security
Data Sheets, Whitepapers, Webcasts, Case Studies, Events, News and more