Call: +44 (0)1904 557620 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "The Age talks about David Litchfields open letter to Oracle"] [Next entry: "How to encrypt/decrypt strings with the dbms_obfuscation_toolkit package"]

Prevention and detection better than cure



I just came across this article by Madeline Bennett, IT Week published on 13 Oct titled "Prevention and detection better than cure - Oracle's CSO explains why the future of IT security is not in patches, but in secure code"

This is a short question and answer session with Mary Ann Davidson, Oracle's Chief Security Officer. There are some interesting questions and answers from Mary Ann. The questions about "Is secure code the key to security?" and "What is Oracle's attitude towards responsible disclosure of flaws?" are worth reading.