Difference between revisions of "Category:OWASP Oracle Project"

From OWASP
Jump to: navigation, search
 
(8 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
{{:Template:Orphaned Projects}}
 +
 +
==== Main  ====
 +
 
==About==
 
==About==
 
The OWASP Oracle Project's goal is to enable administrator and developers using Oracle databases, frameworks or tooling to build secure applications efficiently.
 
The OWASP Oracle Project's goal is to enable administrator and developers using Oracle databases, frameworks or tooling to build secure applications efficiently.
Line 30: Line 34:
 
;Testers
 
;Testers
 
:Even though the old Oracle products are well known and the newer ones are J2EE based, their possibilties are not that well documented, so finding vulnerabilities for most testers will be a lot harder than say a .net enviroment.
 
:Even though the old Oracle products are well known and the newer ones are J2EE based, their possibilties are not that well documented, so finding vulnerabilities for most testers will be a lot harder than say a .net enviroment.
 +
 +
==Touchpoints==
 +
 +
===Network===
 +
 +
* [[TNS]]
 +
* [[Listner]]
 +
* [[DBNSMP]]
 +
 +
===Applications===
 +
 +
* [[E-business Suite]]
 +
* [[SOA Suite]]
 +
* [[BI Suite]]
 +
 +
===Development===
 +
 +
* [[PL/SQL]]
 +
* [[Oracle Forms]]
 +
* [[Application Express (ApEx)]]
 +
* [[Application Development Framework (ADF)]]
 +
* [[JDeveloper]]
 +
* [[Java]]
 +
 +
===Database===
 +
 +
* [[Oracle Express 10g]]
 +
* [[Oracle 11g]]
 +
* [[Oracle 10g]]
 +
* [[Oracle 9i]]
 +
* [[Oracle 8i]]
 +
 +
===Operating System===
 +
 +
* [[Windows]]
 +
* [[*nix]]
 +
 +
==== Project Identification ====
 +
 +
[[Category:Platform]]
 +
[[Category:OWASP Project|Oracle Project]]
 +
{{:GPC Project Details/OWASP Oracle Project | OWASP Project Identification Tab}}
 +
__NOTOC__ <headertabs />

Latest revision as of 10:28, 6 October 2009

Attention icon.png

This Project has been identified as an orphaned one. If you find interest in assuming its lead, please contact the Global Projects Committee.

Attention icon.png

Main

About

The OWASP Oracle Project's goal is to enable administrator and developers using Oracle databases, frameworks or tooling to build secure applications efficiently.

Joining the Project

Marinus J. Kuivenhoven leads the project. The project's high level roadmap can be found at the OWASP Oracle Project Roadmap

  1. visit the Tutorial,
  2. join the mailing list
  3. and pick a topic from the OWASP Oracle Table of Contents, or suggest a new topic.

Remember to add the tag: [[Category:OWASP Oracle Project]] to the end of new articles so that they're properly categorised.

Oracle Security Overview

Why Oracle Security???

Architects
With Oracle now supporting the grid computing architecture, security has spread from one machine to several, which increases the chance on a vulnerability.
Administrators
Oracle is not the fastest releaser of patches, but because of the complexity of most systems, also DBA's often take their time to patch the system, because they don't want to break a running application. Also Oracle is great at enabling a lot of features by default, if you don't know what they do and which you really need, you could have a lot more vulnerabilities than you could handle. A DBA simply needs to understand who is accessing their database and how it is done.
Developers
Legacy frameworks like Oracle Designer and Oracle Forms have built-in support for making a SQL injection, even when working in a non webbased enviroment. The newer framesworks (like ADF and Application Express) are great in making it easy to develop database oriented applications. But they are meta-frameworks, which makes understanding what is going on on a lower level, virtually impossible for most developers.
Deployers
Since most DBA's are now unintended Web- and ASadministrators, their knowledgde is small and one-sided.
Testers
Even though the old Oracle products are well known and the newer ones are J2EE based, their possibilties are not that well documented, so finding vulnerabilities for most testers will be a lot harder than say a .net enviroment.

Touchpoints

Network

Applications

Development

Database

Operating System

Project Identification

PROJECT INFO
What does this OWASP project offer you?
what is this project?
OWASP Oracle Project

Purpose: N/A

License: N/A

who is working on this project?
Project Leader: N/A

Project Maintainer:

Project Contributor(s): N/A

how can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: N/A

Project Roadmap: N/A

Main links: N/A

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact the GPC to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.

Pages in category "OWASP Oracle Project"

The following 6 pages are in this category, out of 6 total.