Protecting Oracle Database 12c helps you solve the problem of maximizing the safety, resilience, and security of an Oracle database whilst preserving performance, availability, and integration despite ongoing and new security issues in the software. The book demonstrates, through coded examples, how you can enable the consolidation features of Oracle Database 12c without increasing risk of either internal corruption or external vulnerability. In addition, new protections not publicly available are included, so that you can see how demonstrable risk improvements can be achieved, measured, and reported through Enterprise Manager 12c. Most importantly, the challenge of privileged access control within a consolidation environment will be addressed, thus enabling a safe move to greater efficiency.

PART I. SECURITY OVERVIEW AND HISTORY

1. Oracle Security History

2. Current state of the Art

3. Extrapolating Current Trends

PART II. DEFENSE COOKBOOK

4. Managing Users in Oracle

5. Oracle Vulnerability Scanner

6. Centralized Native Auditing and IPS

7. Pluggable Database Primer

PART III. SECURITY IN THE 12C RELEASE

8. New Security Features in 12C

9. Design Flaws, Fixed and Remaining in 12C

10. New Security Issues in 12C

11. Advanced Defenses and Forensic Response

PART IV. SECURITY IN CONSOLIDATION

12. Privileged Access Control Foundations

13. Privileged Access Control Methods

14. Securing Privileged Access Control Systems

15. Rootkit Checker and Security Monitoring

PART V. ARCHITECTURAL RISK MANAGEMENT

16. Oracle Security Architecture Foundations

17. Enterprise Manager 12c As a Security Tool

18. Defending Enterprise Manager 12c

19. The Cloud and Privileged Access

20. Management and Conclusions

Paul M. Wright OCP has 14 years experience of Securing Oracle within the World's leading technology and financial institutions. Paul has been credited six times by the Oracle Security Patch for ethically reporting original security improvements he has discovered. Paul instructed Oracle Security for SANS.org in 2007 and has since published and presented for IOUG/UKOUG. Paul published the first book on database forensics and led the CIS 11g standard policy update. Paul's interests have expanded to include integration, availability and performance aspects and specifically how to optimise these whilst maintaining risk at acceptable levels. Paul's role as Lead Security person for the 12c Beta since March 2012 has focused new work onto securely achieving consolidation, which is the focus of his latest book for Apress.