Oracle E-Business Suite Security - Signed JAR Files - What Should You Do –...
In our blog post on 16-May, we provided guidance on Java JAR signing for the E-Business Suite. We are continuing our research on E-Business Suite Java JAR signing and will be presenting it in a...
View ArticleOracle E-Business Suite Security Q&A
In celebration of AppSentry’s ten year anniversary, Integrigy’s July webinar is open Q&A on Oracle E-Business Suite security. Integrigy's Oracle security experts answer client questions regarding...
View ArticleUTL_FILE_DIR Security Weakness: Why and How To Use Oracle Directories
UTL_FILE_DIR is the database initialization parameter the Oracle Database uses to determine what operating system directories and files PL/SQL packages, functions, and procedures may read from or write...
View ArticleClik here to view.
Integrigy and CardConnect - Oracle E-Business Suite and PCI Compliance
Achieving PCI compliance and staying PCI compliant is a big task for any business, especially when the default settings within Oracle E-Business Suite do not meet the list of requirements set forth by...
View ArticleClik here to view.
SSLv3 POODLE (CVE-2014-3566) Vulnerability and Oracle E-Business Suite Impact
Oracle E-Business Suite environments may be vulnerable to the recently disclosed “POODLE” SSLv3 vulnerability (CVE-2014-3566) depending on where SSL termination is performed for the application....
View ArticleLogging Actual Application User Names for Oracle E-Business Suite, SAP,...
Knowing which person, not just which database account, has been a challenge for database logging and auditing when working with enterprise software applications such as the Oracle E-Business Suite,...
View ArticleOracle E-Business Suite Database 12c Upgrade Security Notes
When upgrading the Oracle E-Business Suite database to Oracle Database 12c (12.1), there are a number of security considerations and steps that should be included in the upgrade procedure. Oracle...
View ArticleClik here to view.
Oracle E-Business Suite and Oracle 12c Security
Oracle 12c database, recently certified with the Oracle E-Business Suite, delivers several new important security features that will be of value to Oracle E-Business Suite professionals needing to meet...
View ArticleOracle E-Business Suite 12.0 - CPU Support Ends This Quarter
Oracle E-Business Suite 12.0 Extended Support ends on January 31, 2015. Sustaining Support does not include security fixes in the form of Critical Patch Updates (CPU). The final 12.0 CPU will be the...
View ArticleClik here to view.
Oracle EBS SYS.DUAL PUBLIC Privileges Security Issue Analysis (CVE-2015-0393)
Oracle E-Business Suite environments may be vulnerable due to excessive privileges granted on the SYS.DUAL table to PUBLIC. This security issue has been resolved in the January 2015 Oracle Critical...
View ArticleOracle EBS SYS.DUAL PUBLIC Privileges Security Issue Analysis (CVE-2015-0393)
Oracle E-Business Suite environments may be vulnerable due to excessive privileges granted on the SYS.DUAL table to PUBLIC. This security issue has been resolved in the January 2015 Oracle Critical...
View ArticleUPDATED: Oracle EBS SYS.DUAL PUBLIC Privileges Security Issue Analysis...
Oracle E-Business Suite environments may be vulnerable due to excessive privileges granted on the SYS.DUAL table to PUBLIC. This security issue has been resolved in the January 2015 Oracle Critical...
View ArticleFine Grained Auditing (FGA) and Protecting Oracle E-Business PII Data for...
With the recent news about yet another database breach of Personally Identifiable Information (PII), Integrigy had a discussion with a client about how to better protect the PII data of their...
View ArticleClik here to view.
Security Implications of Oracle Product Desupport
Oracle is aggressive in desupporting products - most product versions are desupported within 18 months of release except for terminal releases. Oracle Database 11.2.0.3 and Oracle E-Business Suite...
View ArticleClik here to view.
Oracle E-Business Suite and PCI Complaince
Achieving PCI compliance and staying PCI compliant is a big task for any business, especially when the default settings within Oracle E-Business Suite do not meet the list of requirements set forth by...
View ArticleClik here to view.
DAM tools, IBM Guardium, Oracle E-Business Suite, PeopleSoft and SAP
A question we have answered a few times in the last few months is whether or not, and if so, how easy do Database Activity Monitoring (DAM) tools such as IBM Guardium support ERP platforms such as the...
View ArticleClik here to view.
Securing Oracle E-Business Suite in the Cloud
Are you contemplating moving your Oracle E-Business Suite (EBS) to the cloud? Have you considered the various needs such as implementing upgrades, testing, auditing and security? Are you comfortable...
View ArticleClik here to view.
Solving Oracle E-Business Suite Security Challenges with Database Vault
In complex Oracle E-Business Suite environments, controlling privileged users and restricting direct database access are examples of the security challenges that organizations must solve in order to...
View ArticleOracle E-Business Suite Critical Patch Update (CPU) Planning for 2016
With the start of the new year, it is now time to think about Oracle Critical Patch Updates for 2016. Oracle releases security patches in the form of Critical Patch Updates (CPU) each quarter...
View ArticleOracle Critical Patch Update January 2016 E-Business Suite Analysis
To start, the January 2016 Critical Patch Update (CPU) for Oracle E-Business Suite (EBS) is significant and high-risk. First, this CPU with 78 EBS security fixes has 10x the number of EBS security...
View Article