I came across a blog entry on a blog called "Obsession with Oracle
" this evening whilst looking for something else. The post is titled "Oracle Application Schema Checklist and Database Checklist
". It refers to my checklist that I wrote for SANS called the S.C.O.R.E. checklist
. This is a good security checklist and is always worth a revisit. The post interested me because it also includes a useful application schema checklist. It is a bit vague in places and perhaps I don't agree with it all BUT its a good idea to not just think about security parameters and configuration in isolation you should also think about the application and its schemas.