1   Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Introducing Oracle Audit Vault and Database Firewall

Billions of Database Records Breached Globally
97% of Breaches Were Avoidable with Basic Controls

• 98% records stolen from databases
• 84% records breached using stolen credentials
• 71% fell within minutes
• 92% discovered by third party

Why are Databases so Vulnerable?
80% of IT Security Programs Don’t Address Database Security

Forrester Research: “Enterprises are taking on risks that they may not even be aware of. Especially as more and more attacks against databases exploit legitimate access.”

[Diagram labels: Network Security, Authentication & User Security, SIEM, Email Security, Endpoint Security, Database Security, Web Application Firewall]

Oracle Database Security Solutions
Defense-in-Depth for Maximum Security

PREVENTIVE                 DETECTIVE                 ADMINISTRATIVE
Encryption                 Activity Monitoring       Privilege Analysis
Redaction and Masking      Database Firewall         Sensitive Data Discovery
Privileged User Controls   Auditing and Reporting    Configuration Management

Oracle Database Security Solutions
        Detect and Block Threats, Alert, Audit and Report

Oracle Audit Vault and Database Firewall
New Solution for Oracle and Non-Oracle Databases

[Architecture diagram. Labels: Users; Applications; Database Firewall (Allow, Log, Alert, Substitute, Block); Firewall Events; Audit Data; OS, Directory, File System & Custom Audit Logs; Audit Vault (Reports, Alerts, Policies); Auditor; Security Manager]

Oracle Audit Vault and Database Firewall
SQL Injection Protection with Positive Security Model

[Diagram labels: Applications, White List, Databases]

Allow:
    SELECT * from stock where catalog-no='PHE8131'

Block:
    SELECT * from stock where catalog-no='' union select cardNo,0,0 from Orders --'

        • “Allowed” behavior can be defined for any user or application
        • Automated white list generation for any application
        • Out-of-policy database transaction detected and blocked/alerted


Oracle Audit Vault and Database Firewall
Enforcing Database Activity with Negative Security Model

[Diagram label: Black List]

DBA activity from Application? → Block
    SELECT * FROM v$session

DBA activity from Approved Workstation → Allow + Log
    SELECT * FROM v$session

            • Stop specific unwanted SQL interactions, user or schema access
            • Blacklisting can be done on factors such as time of day, day of week, network, application, user name, OS user name, etc.
            • Provide flexibility to authorized users while still monitoring activity
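
The white-list and black-list decisions from the two slides above, as an added example that is not Oracle's code and not part of the original deck: a toy policy that whitelists statement shapes per application (literals replaced by `?`) and blocks `v$session` access except from an approved network. The names `statement_shape`, `Policy`, `DenyRule`, the client names and the IP ranges are assumptions made for illustration; how the product itself classifies SQL is not described on the page.

```python
"""Toy model of the positive and negative security models (illustrative only)."""
import ipaddress
import re
from dataclasses import dataclass, field

# One pass over the statement: quoted strings first, so "--" inside a
# literal is not mistaken for a comment; then comments; then numbers.
_TOKEN = re.compile(r"""
    (?P<string>'(?:[^']|'')*')       # SQL string literal, '' is an escaped quote
  | (?P<comment>--[^\n]*)            # line comment
  | (?P<number>\b\d+(?:\.\d+)?\b)    # numeric literal
""", re.VERBOSE)


def statement_shape(sql: str) -> str:
    """Reduce a statement to its structure: literals become '?', comments go."""
    def repl(match):
        return "" if match.lastgroup == "comment" else "?"
    return " ".join(_TOKEN.sub(repl, sql).lower().split())


@dataclass
class Session:
    client_program: str  # reported by the client, so treat it as a hint only
    client_ip: str


@dataclass
class DenyRule:
    """Negative model: an object is off limits except from approved networks."""
    object_pattern: re.Pattern
    approved_networks: list


@dataclass
class Policy:
    allowed_shapes: dict = field(default_factory=dict)  # program -> set of shapes
    deny_rules: list = field(default_factory=list)

    def learn(self, program: str, sql: str) -> None:
        """White list generation: record the shape of known-good traffic."""
        self.allowed_shapes.setdefault(program, set()).add(statement_shape(sql))

    def decide(self, session: Session, sql: str) -> str:
        shape = statement_shape(sql)
        ip = ipaddress.ip_address(session.client_ip)
        # Negative model first: listed objects are blocked unless the
        # session comes from an approved network, in which case it is logged.
        for rule in self.deny_rules:
            if rule.object_pattern.search(shape):
                approved = any(ip in net for net in rule.approved_networks)
                return "allow+log" if approved else "block"
        # Positive model: a client with a white list may only send known shapes.
        known = self.allowed_shapes.get(session.client_program)
        if known is not None:
            return "allow" if shape in known else "block"
        return "log"  # assumption: clients without a white list are monitored only


def demo() -> dict:
    """Run the slide scenarios against constructed sessions and addresses."""
    policy = Policy()
    policy.learn("webshop", "SELECT * from stock where catalog-no='PHE8131'")
    policy.deny_rules.append(DenyRule(
        re.compile(r"\bv\$session\b"),
        [ipaddress.ip_network("192.0.2.0/24")],  # constructed DBA workstation subnet
    ))
    app = Session("webshop", "198.51.100.7")   # constructed application server
    dba = Session("sqlplus", "192.0.2.15")     # constructed approved workstation
    injected = ("SELECT * from stock where catalog-no='' "
                "union select cardNo,0,0 from Orders --'")
    return {
        "app_normal": policy.decide(app, "SELECT * from stock where catalog-no='ABC1234'"),
        "app_injected": policy.decide(app, injected),
        "app_v$session": policy.decide(app, "SELECT * FROM v$session"),
        "dba_v$session": policy.decide(dba, "SELECT * FROM v$session"),
        "dba_other": policy.decide(dba, "select sysdate from dual"),
    }


if __name__ == "__main__":
    for name, action in demo().items():
        print(f"{name:15} {action}")
```

The injected statement is blocked because its shape gains a `union select` clause that the application never sent during learning, not because any attack signature matched.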

Oracle Audit Vault and Database Firewall
Comprehensive Enterprise Audit and Log Consolidation

• Databases: Oracle, SQL Server, DB2 LUW, Sybase ASE
• New Audit Sources
  – Operating Systems: Microsoft Windows, Solaris
  – Directory Services: Active Directory
  – File Systems: Oracle ACFS
• Audit Collection Plugins for Custom Audit Sources
  – XML file maps custom audit elements to canonical audit elements
  – Collect and map data from XML audit file and database tables

Oracle Audit Vault and Database Firewall
Audit and Event Repository

• Based on proven Oracle Database technology
  – Includes compression, partitioning, scalability, high availability, etc.
  – Open schema for flexible reporting
• Information lifecycle management for target specific data retention
• Centralized web console for easy administration
• Command line utility for automation and scripting

Oracle Audit Vault and Database Firewall
Audit and Event Data Security

• Software appliance based on hardened OS and pre-configured database
• Fine-grained administrative groups
  – Sources can be grouped for access authorization
  – Individual auditor reports limited to data from the 'grouped' sources
• Separation of duties
• Powerful multi-event alerting with thresholds and group-by

Oracle Audit Vault and Database Firewall
Single Administrator Console

Oracle Audit Vault and Database Firewall
Default Reports

Oracle Audit Vault and Database Firewall
Out-of-the Box Compliance Reporting

Oracle Audit Vault and Database Firewall
Report with Data from Multiple Source Types

Oracle Audit Vault and Database Firewall
Auditing Stored Procedure Calls – Not Visible on the Network

Oracle Audit Vault and Database Firewall
Extensive Audit Details

Oracle Audit Vault and Database Firewall
Blocking SQL Injection Attacks

Oracle Audit Vault and Database Firewall
Powerful Alerting Filter Conditions

Oracle Audit Vault and Database Firewall
Flexible Deployment Architectures

[Deployment diagram. Labels: Applications and Users; Inbound SQL Traffic; In-Line Blocking and Monitoring; Remote Monitoring; Out-of-Band Monitoring; HA Mode; Audit Agents; Audit Data; Audit Vault Primary; Audit Vault Standby; Software Appliances]

Oracle Audit Vault and Database Firewall
Performance and Scalability

• Audit Vault
  – Supports monitoring and auditing multiple hundreds of heterogeneous database and non-database targets
  – Supports wide range of hardware to meet load requirements
• Database Firewall
  – Decision time is independent of the number of rules in the policy
  – Multi-device / multi-process / multi-core scalability
  – 8 cores can handle between 30K and 60K transactions/second

T-Mobile
Protecting Customer Data in Oracle and non-Oracle Databases

Provider of wireless voice, messaging, and data services throughout the U.S.
Fourth largest wireless company in the U.S. with more than 35 million subscribers
Industry: Telecom

Challenge
• Protect sensitive data – PCI, CPNI, SPII – in both Oracle and non-Oracle Databases
• Monitor database threats, including SQL injection attacks and data harvesting, without having to change application code
• Full visibility into database activity
• Understand what types of changes are being made to sensitive data

Solution
• Addresses data security with Database Firewall, TDE, Data Masking as comprehensive database security defense-in-depth strategy
• Database activity monitoring prevents insider and external threats
• Deployed and set up within a few hours; already protected against a few compromised accounts that were harvesting data

SquareTwo Financial
Addresses Regulatory Compliance, Enables Separation of Duties

Leader in $100 billion asset recovery and management industry
Partner Network used by Fortune 500 companies in banking, credit card, and health care
Industry: Financial Services

Challenge
• Comply with a number of regulations: GLBA, HIPAA, SOX, and PCI
• Prove separation of duties for Sarbanes-Oxley compliance
• Quickly scale IT Security to address fast 37% company growth
• Minimal disruption to 5.9 million accounts while maintaining growth
• Secure Exadata Database Machine with no application changes

Solution
• Addresses compliance with Database Firewall, TDE, Data Masking as comprehensive database security defense-in-depth strategy
• Database activity monitoring to protect against insider and external threats, including SQL injection attacks
• Securing Exadata and SQL Server database activity

TransUnion Interactive
Addresses Regulatory Compliance, Secures Sensitive Data

Consumer subsidiary of TransUnion, a global leader in credit information
Maintains credit histories on over 500 million consumers globally
Industry: Financial Services

Challenge
• Maintain PCI DSS, SOX, and GLBA compliance
• Increase database traffic visibility; detect and monitor activity
• Increase database security and monitor for application SQL injection attacks
• Detect and prevent application by-pass and data harvesting

Solution
• Deployed Database Firewall in one month; monitor database traffic
• Achieved 10k transactions/sec while maintaining performance
• Using reports to monitor traffic and manage workloads and capacity
• Use Oracle Advanced Security to encrypt tablespaces

For More Information
Oracle Audit Vault and Database Firewall

Q&A




Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 

Recently uploaded (20)

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 

Introducing Oracle Audit Vault and Database Firewall

  • 1. 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 2. Introducing Oracle Audit Vault and Database Firewall
  • 3. Billions of Database Records Breached Globally. 97% of Breaches Were Avoidable with Basic Controls. • 98% records stolen from databases • 84% records breached using stolen credentials • 71% fell within minutes • 92% discovered by third party
  • 4. Why are Databases so Vulnerable? 80% of IT Security Programs Don’t Address Database Security. Forrester Research: “Enterprises are taking on risks that they may not even be aware of. Especially as more and more attacks against databases exploit legitimate access.” Diagram labels: Network Security; Authentication & User Security; SIEM; Email Security; Endpoint Security; Database Security; Web Application Firewall.
  • 5. Oracle Database Security Solutions: Defense-in-Depth for Maximum Security. PREVENTIVE: Encryption; Redaction and Masking; Privileged User Controls. DETECTIVE: Activity Monitoring; Database Firewall; Auditing and Reporting. ADMINISTRATIVE: Privilege Analysis; Sensitive Data Discovery; Configuration Management.
  • 6. Oracle Database Security Solutions: Detect and Block Threats, Alert, Audit and Report. PREVENTIVE: Encryption; Redaction and Masking; Privileged User Controls. DETECTIVE: Activity Monitoring; Database Firewall; Auditing and Reporting. ADMINISTRATIVE: Privilege Analysis; Sensitive Data Discovery; Configuration Management.
  • 7. Oracle Audit Vault and Database Firewall: New Solution for Oracle and Non-Oracle Databases. Diagram labels: Users; Applications; Database Firewall (Allow, Log, Alert, Substitute, Block); Firewall Events; Audit Data; OS, Directory, File System & Custom Audit Logs; Audit Vault; Reports; Alerts; Policies; Auditor; Security Manager.
  • 8. Oracle Audit Vault and Database Firewall: SQL Injection Protection with Positive Security Model. White List, Allow (Applications to Databases): SELECT * from stock where catalog-no='PHE8131'. Block: SELECT * from stock where catalog-no='' union select cardNo,0,0 from Orders --' • “Allowed” behavior can be defined for any user or application • Automated white list generation for any application • Out-of-policy database transaction detected and blocked/alerted
  • 9. Oracle Audit Vault and Database Firewall: Enforcing Database Activity with Negative Security Model. Black List: SELECT * FROM v$session, Block DBA activity from Application? SELECT * FROM v$session, Allow + Log DBA activity from Approved Workstation. • Stop specific unwanted SQL interactions, user or schema access • Blacklisting can be done on factors such as time of day, day of week, network, application, user name, OS user name etc. • Provide flexibility to authorized users while still monitoring activity
  • 10. Oracle Audit Vault and Database Firewall: Comprehensive Enterprise Audit and Log Consolidation • Databases: Oracle, SQL Server, DB2 LUW, Sybase ASE • New Audit Sources – Operating Systems: Microsoft Windows, Solaris – Directory Services: Active Directory – File Systems: Oracle ACFS • Audit Collection Plugins for Custom Audit Sources – XML file maps custom audit elements to canonical audit elements – Collect and map data from XML audit file and database tables
  • 11. Oracle Audit Vault and Database Firewall: Audit and Event Repository • Based on proven Oracle Database technology – Includes compression, partitioning, scalability, high availability, etc. – Open schema for flexible reporting • Information lifecycle management for target specific data retention • Centralized web console for easy administration • Command line utility for automation and scripting
  • 12. Oracle Audit Vault and Database Firewall: Audit and Event Data Security • Software appliance based on hardened OS and pre-configured database • Fine-grained administrative groups – Sources can be grouped for access authorization – Individual auditor reports limited to data from the “grouped” sources • Separation of duties • Powerful multi-event alerting with thresholds and group-by
  • 13. Oracle Audit Vault and Database Firewall: Single Administrator Console
  • 14. Oracle Audit Vault and Database Firewall: Default Reports
  • 15. Oracle Audit Vault and Database Firewall: Out-of-the Box Compliance Reporting
  • 16. Oracle Audit Vault and Database Firewall: Report with Data from Multiple Source Types
  • 17. Oracle Audit Vault and Database Firewall: Auditing Stored Procedure Calls – Not Visible on the Network
  • 18. Oracle Audit Vault and Database Firewall: Extensive Audit Details
  • 19. Oracle Audit Vault and Database Firewall: Blocking SQL Injection Attacks
  • 20. Oracle Audit Vault and Database Firewall: Powerful Alerting Filter Conditions
  • 21. Oracle Audit Vault and Database Firewall: Flexible Deployment Architectures. In-Line Blocking and Monitoring; Remote Monitoring; Out-of-Band Monitoring; HA Mode. Diagram labels: Applications and Users; Inbound SQL Traffic; Audit Agents; Audit Data; Audit Vault Primary; Audit Vault Standby; Software Appliances.
  • 22. Oracle Audit Vault and Database Firewall: Performance and Scalability • Audit Vault – Supports monitoring and auditing multiple hundreds of heterogeneous database and non-database targets – Supports wide range of hardware to meet load requirements • Database Firewall – Decision time is independent of the number of rules in the policy – Multi-device / multi-process / multi-core scalability – 8 core can handle between 30K – 60K transactions/second
  • 23. T-Mobile: Protecting Customer Data in Oracle and non-Oracle Databases. Profile: Provider of wireless voice, messaging, and data services throughout the U.S. Fourth largest wireless company in the U.S. with more than 35 million subscribers. Industry: Telecom. Challenge • Protect sensitive data – PCI, CPNI, SPII – in both Oracle and non-Oracle Databases • Monitor database threats, including SQL injection attacks and data harvesting, without having to change application code • Full visibility into database activity • Understand what types of changes are being made to sensitive data. Solution • Addresses data security with Database Firewall, TDE, Data Masking as comprehensive database security defense-in-depth strategy • Database activity monitoring prevents insider and external threats • Deployed and setup within a few hours; already protected against a few compromised accounts that were harvesting data
  • 24. SquareTwo Financial: Addresses Regulatory Compliance, Enables Separation of Duties. Profile: Leader in $100 billion asset recovery and management industry. Partner Network used by Fortune 500 companies in banking, credit card, and health care. Industry: Financial Services. Challenge • Comply with a number of regulations: GLBA, HIPAA, SOX, and PCI • Prove separation of duties for Sarbanes-Oxley compliance • Quickly scale IT Security to address fast 37% company growth • Minimal disruption to 5.9 million accounts while maintaining growth • Secure Exadata Database Machine with no application changes. Solution • Addresses compliance with Database Firewall, TDE, Data Masking as comprehensive database security defense-in-depth strategy • Database activity monitoring to protect against insider and external threats, including SQL injection attacks • Securing Exadata and SQL Server database activity
  • 25. TransUnion Interactive: Addresses Regulatory Compliance, Secures Sensitive Data. Profile: Consumer subsidiary of TransUnion, a global leader in credit information. Maintains credit histories on over 500 million consumers globally. Industry: Financial Services. Challenge • Maintain PCI DSS, SOX, and GLBA compliance • Increase database traffic visibility; detect and monitor activity • Increase database security and monitor for application SQL injection attacks • Detect and prevent application by-pass and data harvesting. Solution • Deployed Database Firewall in one month; monitor database traffic • Achieved 10k transactions/sec while maintaining performance • Using reports to monitor traffic and manage workloads and capacity • Use Oracle Advanced Security to encrypt tablespaces
  • 26. For More Information: Oracle Audit Vault and Database Firewall
  • 27. Q&A
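
The positive security model on slide 8, as an added example that is not part of the original deck and is not Oracle's code: a small Python allow-list that learns statement shapes from constructed sample traffic and treats the slide's UNION statement as out-of-policy. The lexer, the names fingerprint and AllowListPolicy, and the training statements are assumptions of this example; it compares token shapes as a stand-in for the SQL grammar analysis the notes mention.

```python
import re

# Minimal SQL lexer (an assumption of this example, not the product's engine).
TOKEN = re.compile(r"""
    (?P<str>'(?:[^']|'')*')              # string literal; '' is an escaped quote
  | (?P<comment>--[^\n]*)                # line comment
  | (?P<num>\d+(?:\.\d+)?)               # numeric literal
  | (?P<word>[A-Za-z_][A-Za-z0-9_$]*)    # keyword or identifier
  | (?P<op>\S)                           # any other single character
""", re.VERBOSE)


def fingerprint(sql):
    """Reduce a statement to its shape: literals become '?', case is folded,
    comments become a marker. Two statements that differ only in literal
    values share a fingerprint; an added clause or comment changes it."""
    parts = []
    for match in TOKEN.finditer(sql):
        kind = match.lastgroup
        if kind in ("str", "num"):
            parts.append("?")
        elif kind == "comment":
            parts.append("<comment>")
        elif kind == "word":
            parts.append(match.group().lower())
        else:
            parts.append(match.group())
    return " ".join(parts)


class AllowListPolicy:
    """Hypothetical positive-security policy: anything not learned is blocked."""

    def __init__(self):
        self.allowed = set()

    def learn(self, statements):
        # "Automated white list generation": record shapes seen in known-good traffic.
        for sql in statements:
            self.allowed.add(fingerprint(sql))

    def decide(self, sql):
        return "allow" if fingerprint(sql) in self.allowed else "block"


# Constructed sample traffic, modelled on the statements shown on slide 8.
TRAINING = [
    "SELECT * from stock where catalog-no='PHE8131'",
    "SELECT * from stock where catalog-no='KLM2207'",
]
NORMAL = "SELECT * from stock where catalog-no='ZXA0042'"
INJECTED = ("SELECT * from stock where catalog-no='' "
            "union select cardNo,0,0 from Orders --'")


def build_policy():
    policy = AllowListPolicy()
    policy.learn(TRAINING)
    return policy


if __name__ == "__main__":
    policy = build_policy()
    for sql in (NORMAL, INJECTED):
        print(policy.decide(sql).upper(), "|", fingerprint(sql))
```

Both training statements collapse to one learned shape, so an unseen catalog number is allowed while the extra UNION clause and trailing comment produce a shape the policy has never seen. The allow-list is only as complete as the traffic it was learned from, so legitimate statements absent from the learning window would also be blocked until reviewed.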

Editor's Notes

  1. Last updated December 12, 2012
  2. Introducing Oracle Audit Vault and Database Firewall. https://event.on24.com/eventRegistration/EventLobbyServlet?target=registration.jsp&eventid=541890&sessionid=1&key=E38B905176AAA94A27C94F87B829007A&partnerref=ocom_sec_db12122012&sourcepage=register Join us to hear about a new Oracle product that monitors Oracle and non-Oracle database traffic, detects unauthorized activity including SQL injection attacks, and blocks internal and external threats from reaching the database. In addition this new product collects and consolidates audit data from databases, operating systems, directories, and any custom template-defined source into a centralized, secure warehouse. This new enterprise security monitoring and auditing platform allows organizations to quickly detect and respond to threats with powerful real-time policy analysis, alerting and reporting capabilities. Based on proven SQL grammar analysis that ensures accuracy, performance, and scalability, organizations can deploy with confidence in any mode. Hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle today to monitor and secure their Oracle and non-Oracle database environments.
  3. http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
  4. http://joelbrenner.com/america-the-vulnerable/#excerpt http://joelbrenner.com/wordpress/wp-content/uploads/2011/09/AMERICA_THE_VULNERABLE_JOEL_BRENNER_EXCERPT.pdf
  5. Key point to communicate: This new product provides customers the operational flexibility to deploy the monitoring they need based on the sensitivity and security requirements of their databases. Key features include: Monitor and control database activity on the network. Firewall can allow, log, alert, substitute and block on SQL statements on the network; Firewall uses a SQL grammar analysis engine for high performance and accuracy, an approach that is superior to 1st generation database firewalls that relied on regular expressions; Prevent SQL injections, unauthorized database access, misuse of database privilege; Capture and log database interactions on the network for forensic analysis and compliance reporting; Consolidate database audit data from Oracle and non-Oracle into secure centralized repository; Consolidate audit data from MSFT Active directory and Solaris; Consolidate application specific audit; Detect and alert on suspicious activities, including privileged user; Out-of-the box compliance reports for SOX, PCI, and other regulations; Streamline audits: report generation, notification, attestation, archiving.
  6. High performance; Decision time is not influenced by the number of rules in the policy; Multi-device / multi-process / multi-core scalability; Minimal maintenance impact; Deployed independently of secured databases and their hosts.
  7. Oracle Customers Address Data Security and Compliance with Database Firewall. Hear how T-Mobile, TransUnion Interactive, and SquareTwo Financial protect sensitive enterprise data and meet regulatory compliance with ease using Oracle Database Firewall. Video: T-Mobile Protects 35 Million Subscribers with Oracle Database Security. Podcast: T-Mobile Secures Enterprise Data with Defense-in-Depth Security for Oracle and non-Oracle Databases. T-Mobile USA provides wireless voice, messaging, and data services throughout the United States and protects sensitive enterprise data with Oracle Database defense-in-depth security solutions. Alex MacKnight, principal architect of corporate information security, explains how they use Oracle Database Firewall, Oracle Advanced Security, and Oracle Data Masking to secure sensitive data across the organization in both Oracle and non-Oracle databases.
  8. Video: SquareTwo Enables Development Efficiency and Compliance with Oracle. Podcast: SquareTwo Financial Enables Compliance and Fast Growth with Oracle Database Security. SquareTwo Financial, a leader in the $100 billion asset recovery and management industry, enables fast growth and regulatory compliance with Oracle Database Security defense-in-depth solutions. Hear J-T Gaietto, manager of information security, discuss how they use Oracle Database Firewall, Oracle Data Masking, and Oracle Advanced Security.
  9. TransUnion Interactive Uses Database Firewall for Compliance. Hear how TransUnion Interactive protects customer data and meets regulatory compliance with database activity monitoring using Oracle Database Firewall.