Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Transcription:

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle. Oracle Database 12c was released July 01, 2013. Oracle 11g Release 2 Patchset 3 (11.2.0.4) is planned for Calendar Year 2013.

Security Inside Out: Latest Innovations in Oracle Database 12c
Russ Lowenthal, Oracle Protected Enterprise

Over 1.1B Served
- Records breached from servers: 67%
- Breached using weak or stolen credentials: 76%
- Discovered by an external party: 69%
- Preventable with basic controls: 97%

Data Breaches are the Tip of the Iceberg
Digital Security is the New Battle Ground
"We are at the mercy of a new generation of spies who operate remotely [that] have already shown their ability to penetrate our power plants, steal our latest submarine technology, rob our banks, and invade the Pentagon's secret communications systems."
Joel Brenner, former Inspector General of the National Security Agency and Chief of Counterintelligence for the Director of National Intelligence

Targets Increasing as Attacks Evolve
DBAs, OS Admins, Developers, Multiple Copies of the Data, etc.
Anatomy of an Attack
"You don't bother to just simply hack the organization and its infrastructure; you focus much more of your attention on hacking the employees."
Uri Rivner, CTO, RSA (Security Division of EMC)

Why Are Databases So Vulnerable?
80% of IT Security Programs Don't Address Database Security
Forrester Research
"Enterprises are taking on risks that they may not even be aware of. Especially as more and more attacks against databases exploit legitimate access."
Diagram labels: Network Security, Authentication & User Security, SIEM, Email Security, Database Security, Web Application Firewall, Endpoint Security

Oracle Database Security Solutions
Defense-in-Depth for Maximum Security
- PREVENTIVE: Encryption; Redaction and Masking; Privileged User Controls
- DETECTIVE: Activity Monitoring; Database Firewall; Auditing and Reporting
- ADMINISTRATIVE: Privilege Analysis; Sensitive Data Discovery; Configuration Management

Encryption is the Foundation
Preventive Control for Oracle Databases
Oracle Advanced Security
- Transparent data encryption
- Prevents access to data at rest
- Requires no application changes
- Built-in two-tier key management
- Near Zero overhead with hardware
- Integrations with Oracle technologies, e.g. Exadata, Advanced Compression, ASM, Golden Gate, DataPump, etc.
Diagram labels: Applications, Disk, Backups, Exports, Off-Site Facilities

Redaction of Sensitive Data Displayed
Preventive Control for Oracle Database 12c
Oracle Advanced Security
- Real-time sensitive data redaction based on database session context
- Library of redaction policies and point-and-click policy definition
- Consistent enforcement, policies applied to data
- Transparent to applications, users, and operational activities
Diagram: Credit Card Numbers (4451-2172-9841-4368, 5106-8395-2095-5938, 7830-0032-0294-1827) pass through a Redaction Policy. Call Center Application: xxxx-xxxx-xxxx-4368. Billing Department: 4451-2172-9841-4368.

Masking Data for Non-Production Use
Preventive Control for Oracle Databases
Oracle Data Masking
- Replace sensitive application data
- Referential integrity detected/preserved
- Extensible template library and formats
- Application templates available
- Support for masking data in non-Oracle databases

Production:
LAST_NAME    SSN           SALARY
AGUILAR      203-33-3234   40,000
BENSON       323-22-2943   60,000

Non-Production (Test, Dev):
LAST_NAME    SSN           SALARY
ANSKEKSL     323 23-1111   60,000
BKJHHEIEDK   252-34-1345   40,000

Audit, Report, and Alert in Real-Time
Detective Control for Oracle and non-Oracle Databases
Oracle Audit Vault and Database Firewall
- Centralized secure repository delivered as secure, scalable software appliance
- Powerful alerting: thresholds, group-by
- Out-of-the-box and custom reports
- Consolidated multi-source reporting
- Built-in fine grain segregation of duties
Diagram labels: Audit Data & Event Logs, Oracle Database Firewall, Alerts, SOC, OS & Storage, Directories, Databases, Custom, Built-in Reports, Custom Reports, Policies, Auditor, Security Analyst

Oracle Audit Vault and Database Firewall
New Solution for Oracle and Non-Oracle Databases
Diagram labels: Users, Applications, Database Firewall (Allow, Log, Alert, Substitute, Block), Firewall Events, SOC, Alerts, Auditor, Security Analyst, Built-in Reports, Custom Reports, Policies, Audit Vault, Audit Data, "OS, Directory, File System & Custom Audit Logs"

Discover Use of Privileges and Roles
Administrative Control for Oracle Database 12c
Oracle Database Vault
- Turn on privilege capture mode
- Report on actual privileges and roles used in the database
- Helps revoke unnecessary privileges
- Enforce least privilege and reduce risks
- Increase security without disruption
Diagram labels: Privilege Analysis; Create, Drop, Modify; DBA role, APPADMIN role

Discover Sensitive Data and Databases
Administrative Control for Oracle Database 12c
Oracle Enterprise Manager 12c
- Scan Oracle for sensitive data
- Built-in, extensible data definitions
- Discover application data models
- Protect sensitive data appropriately: encrypt, redact, mask, audit

Configuration Management
Administrative Control for Oracle Databases
Oracle Database Lifecycle Management
- Discover and classify databases
- Scan for best practices, standards
- Detect unauthorized changes
- Automated remediation
- Patching and provisioning
Diagram labels: Scan & Monitor, Discover, Patch

Oracle Database Security
Customers Worldwide Rely on Oracle Database Security

Oracle Database Security Solutions
Summary
- Security and Compliance
- Enterprise Ready
- Simple and Flexible
- Speed and Scale

Oracle Database Security Resources
www.oracle.com/database/security
Data Sheets, Whitepapers, Webcasts, Case Studies, Events, News and more

Q&A

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle. Release timing for Oracle Database 12c is planned for Calendar Year 2013.
