UCM Security: Challenges and Best Practices
Brian “Bex” Huff, Chief Software Architect
Purpose
Brief History of Internet Security
Brief History of Internet Security, cont.
Cyber Crime Statistics
What Should We Do?
Making A Security Plan
1) Determine Threats and Risks
1) Determine Threats and Risks, cont.
2) Determine Security Policy
3) Vulnerabilities and Countermeasures
Vulnerabilities in Oracle UCM
Protection - High Risk Vulnerabilities
General Network Security
Cross-Site Scripting (XSS)
Cross-Site Scripting, cont.
Malicious Content
Direct UCM Port Access
Direct SCS Port Access, cont.
Protection - Lower Risk Vulnerabilities
Data Leakage
Eavesdropping
Password Hacking
Hacked Web Server
Hacked File System
Database Connections
Protection - Risks in Customizations
Malicious Components
Secure Component Tips
Secure Component Tips, cont.
Security Customization Examples
Security Customization Examples, cont.
Detection – Network Violations
Detection – UCM Specific
Reaction – Respond to Intrusion
Reaction – UCM specific
Conclusions
Now Available…
Questions?

OWASP Top 10 Security Vulnerabilities, and Securing them with Oracle ADF
 
Seamless Integrations between WebCenter Content, Site Studio, and WebCenter S...
Seamless Integrations between WebCenter Content, Site Studio, and WebCenter S...Seamless Integrations between WebCenter Content, Site Studio, and WebCenter S...
Seamless Integrations between WebCenter Content, Site Studio, and WebCenter S...
 
Integrating ADF Mobile with WebCenter
Integrating ADF Mobile with WebCenterIntegrating ADF Mobile with WebCenter
Integrating ADF Mobile with WebCenter
 
WebCenter Content & Portal Methodology Deep Dive with Case Studies
WebCenter Content & Portal Methodology Deep Dive with Case StudiesWebCenter Content & Portal Methodology Deep Dive with Case Studies
WebCenter Content & Portal Methodology Deep Dive with Case Studies
 
Creating Next-Generation ADF Mobile Applications
Creating Next-Generation ADF Mobile ApplicationsCreating Next-Generation ADF Mobile Applications
Creating Next-Generation ADF Mobile Applications
 
FatWire Tutorial For Site Studio Developers
FatWire Tutorial For Site Studio DevelopersFatWire Tutorial For Site Studio Developers
FatWire Tutorial For Site Studio Developers
 
Creating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion MiddlewareCreating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
 
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
 
Oracle UCM Implementation Patterns
Oracle UCM Implementation PatternsOracle UCM Implementation Patterns
Oracle UCM Implementation Patterns
 
Creating and Maintaining An Internationalized Website
Creating and Maintaining An Internationalized WebsiteCreating and Maintaining An Internationalized Website
Creating and Maintaining An Internationalized Website
 
The Top 10 Things Oracle UCM Users Need To Know About WebLogic
The Top 10 Things Oracle UCM Users Need To Know About WebLogicThe Top 10 Things Oracle UCM Users Need To Know About WebLogic
The Top 10 Things Oracle UCM Users Need To Know About WebLogic
 
Oracle UCM: Web Site Performance Tuning
Oracle UCM: Web Site Performance TuningOracle UCM: Web Site Performance Tuning
Oracle UCM: Web Site Performance Tuning
 
Real World Examples of Succesful Enterprise Content Management Strategies
Real World Examples of Succesful Enterprise Content Management StrategiesReal World Examples of Succesful Enterprise Content Management Strategies
Real World Examples of Succesful Enterprise Content Management Strategies
 
A Pragmatic Strategy for Oracle Enterprise Content Management
A Pragmatic Strategy for Oracle Enterprise Content ManagementA Pragmatic Strategy for Oracle Enterprise Content Management
A Pragmatic Strategy for Oracle Enterprise Content Management
 
Top 10 Ways To Integrate With Oracle Enterprise Content Management (ECM)
Top 10 Ways To Integrate With Oracle Enterprise Content Management (ECM)Top 10 Ways To Integrate With Oracle Enterprise Content Management (ECM)
Top 10 Ways To Integrate With Oracle Enterprise Content Management (ECM)
 

Recently uploaded

Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

Oracle UCM Security: Challenges and Best Practices

  • 1. UCM Security: Challenges and Best Practices Brian “Bex” Huff Chief Software Architect

Editor's Notes

  1. Five kinds of possible threats. Remember – a threat is a person. That 70% stat is probably meaningless, because there just isn’t enough hard evidence. It’s true that 70% of identity thieves are insiders (Identity Theft Resource Center)... but only 30% of corporations have admitted firing somebody because of violating security practices (IDC's 2004 Security Survey).
  2. I’m not a huge fan of biometrics. You should have access keys first, add passwords to the keys for extra security, and add biometrics as a last resort. It helps, but only a little. And management is a pain. If somebody copies your password, you can make a new password. If somebody copies your thumbprint, you can’t make a new thumb!