Home > Security News > Podcast: The state of Oracle security
Security News:
EMAIL THIS LICENSING & REPRINTS

Podcast: The state of Oracle security

By SearchSecurity.com Staff
01 Nov 2006 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

In October, Oracle released its quarterly patch update, which fixed 101 flaws across its product line. The release was made with a streamlined bulletin offering more detail on the flaws and their severity. The changes were in response to feedback from customers who have found past bulletins overly complicated and short on specifics. Oracle DBA Jon Emmons discusses the state of Oracle security with Senior News Writer Bill Brenner. Emmons is the keeper of a popular blog called "Life After Coffee," which focuses on Oracle security and other topics.

  Oracle DBA Jon Emmons: 

  Program highlights: 

  • (1:03) Introduction of DBA Jon Emmons.

  • (1:23) What are your initial observations on the new look of the CPU bulletin? Did you find this bulletin easier to digest than past releases?

  • (1:51) Do you agree with some of the security experts in the past who really railed against these bulletins being hopelessly complicated and hard to digest?

  • (2:40) As a database administrator, do you think you have a long task ahead of you getting your systems patched, or is this latest bulletin par for the course?

  • (3:13) From beginning to end, how long does it take from the time the CPU is released to the time that you have all of the patches deployed?

  • (3:42) Oracle has taken a lot of flak in the past from experts who say the company sits on flaws for too long and often doesn't properly fix something as advertised. Is that a fair assessment or is Oracle getting unfair criticism?

      Program Links: 

  • Oracle bulletins will rank patches, offer more detail: Oracle has been criticized in the past for releasing complex security bulletins that are hard to decipher. The streamlined bulletins will be easier to digest, the company says.

  • Oracle DBAs mixed on security progress: Some DBAs praise Oracle for its revamped patch bulletins, but others say the database giant's patching process still leaves much to be desired.

  • Security Wire Weekly: Oracle's Darius Wiles: Oracle's Darius Wiles discusses the database giant's vulnerability patching process and the criticisms levied against it.

  • Oracle fixes 101 flaws: Attackers could exploit 45 of the 101 flaws remotely without a username or password. Meanwhile, the new CPU offers more detail on the number of flaws patched and their severity.

  • Oracle owns up to patching problems: Database giant Oracle Corp. has faced mounting criticism of its security patching process during the last two years.

  • Information Security podcasts: Visit SearchSecurity's podcast archive.



    Sound Off! -   Be the first to post a message to Sound Off!


    Tags: Patch ManagementVIEW ALL TAGS

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


    • TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Advanced Search | Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




    All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts