Hands-On Oracle Application Express Security: Building Secure Apex Applications

Sold by John Wiley & Sons
Free sample

An example-driven approach to securing Oracle APEXapplications

As a Rapid Application Development framework, Oracle ApplicationExpress (APEX) allows websites to easily be created based on datawithin an Oracle database. Using only a web browser, you candevelop and deploy professional applications that are both fast andsecure. However, as with any website, there is a security risk andthreat, and securing APEX applications requires some specificknowledge of the framework. Written by well-known securityspecialists Recx, this book shows you the correct ways to implementyour APEX applications to ensure that they are not vulnerable toattacks. Real-world examples of a variety of securityvulnerabilities demonstrate attacks and show the techniques andbest practices for making applications secure.

  • Divides coverage into four sections, three of which cover themain classes of threat faced by web applications and the forthcovers an APEX-specific protection mechanism
  • Addresses the security issues that can arise, demonstratingsecure application design
  • Examines the most common class of vulnerability that allowsattackers to invoke actions on behalf of other users and accesssensitive data

The lead-by-example approach featured in this critical bookteaches you basic "hacker" skills in order to show you how tovalidate and secure your APEX applications.

Read more

About the author

Tim Austwick is the IT Security Director of Recx, an information security company and the developers of ApexSec, a security analysis tool for Oracle Apex applications: http://www.recx.co.uk/ Tim performed security reviews for 50+ Oracle Application Express web applications. The knowledge and experience gained from this process led to the development of the Recx ApexSec static-analysis engine that automates the security assessment process for Apex applications. Oracle also gave public credit to Recx ApexSec for helping to secure Apex 4.1.

Read more
Loading...

Additional Information

Publisher
John Wiley & Sons
Read more
Published on
Apr 9, 2013
Read more
Pages
150
Read more
ISBN
9781118686133
Read more
Language
English
Read more
Genres
Computers / Networking / General
Computers / Security / General
Read more
Content Protection
This content is DRM protected.
Read more
Read Aloud
Available on Android devices
Read more

Reading information

Smartphones and Tablets

Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.

Laptops and Computers

You can read books purchased on Google Play using your computer's web browser.

eReaders and other devices

To read on e-ink devices like the Sony eReader or Barnes & Noble Nook, you'll need to download a file and transfer it to your device. Please follow the detailed Help center instructions to transfer the files to supported eReaders.
The world's most infamous hacker offers an insider's view of thelow-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form oneof the most exhaustive FBI manhunts in history and have spawneddozens of articles, books, films, and documentaries. Since hisrelease from federal prison, in 1998, Mitnick has turned his lifearound and established himself as one of the most sought-aftercomputer security experts worldwide. Now, in The Art of Deception,the world's most notorious hacker gives new meaning to the oldadage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security,Mitnick explains why all the firewalls and encryption protocols inthe world will never be enough to stop a savvy grifter intent onrifling a corporate database or an irate employee determined tocrash a system. With the help of many fascinating true stories ofsuccessful attacks on business and government, he illustrates justhow susceptible even the most locked-down information systems areto a slick con artist impersonating an IRS agent. Narrating fromthe points of view of both the attacker and the victims, heexplains why each attack was so successful and how it could havebeen prevented in an engaging and highly readable style reminiscentof a true-crime novel. And, perhaps most importantly, Mitnickoffers advice for preventing these types of social engineeringhacks through security protocols, training programs, and manualsthat address the human element of security.
“Bruce Schneier’s amazing book is the best overview of privacy and security ever written.”—Clay Shirky

“Bruce Schneier’s amazing book is the best overview of privacy and security ever written.”—Clay Shirky

Your cell phone provider tracks your location and knows who’s with you. Your online and in-store purchasing patterns are recorded, and reveal if you're unemployed, sick, or pregnant. Your e-mails and texts expose your intimate and casual friends. Google knows what you’re thinking because it saves your private searches. Facebook can determine your sexual orientation without you ever mentioning it.

The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches.

Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making. But have we given up more than we’ve gained? In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He brings his bestseller up-to-date with a new preface covering the latest developments, and then shows us exactly what we can do to reform government surveillance programs, shake up surveillance-based business models, and protect our individual privacy. You'll never look at your phone, your computer, your credit cards, or even your car in the same way again.

Hacker extraordinaire Kevin Mitnick delivers the explosiveencore to his bestselling The Art of Deception
Kevin Mitnick, the world's most celebrated hacker, now devotes hislife to helping businesses and governments combat data thieves,cybervandals, and other malicious computer intruders. In hisbestselling The Art of Deception, Mitnick presented fictionalizedcase studies that illustrated how savvy computer crackers use"social engineering" to compromise even the most technically securecomputer systems. Now, in his new book, Mitnick goes one stepfurther, offering hair-raising stories of real-life computerbreak-ins-and showing how the victims could have prevented them.Mitnick's reputation within the hacker community gave him uniquecredibility with the perpetrators of these crimes, who freelyshared their stories with him-and whose exploits Mitnick nowreveals in detail for the first time, including: A group of friends who won nearly a million dollars in LasVegas by reverse-engineering slot machinesTwo teenagers who were persuaded by terrorists to hack into theLockheed Martin computer systemsTwo convicts who joined forces to become hackers inside a TexasprisonA "Robin Hood" hacker who penetrated the computer systems ofmany prominent companies-andthen told them how he gainedaccessWith riveting "you are there" descriptions of real computerbreak-ins, indispensable tips on countermeasures securityprofessionals need to implement now, and Mitnick's own acerbiccommentary on the crimes he describes, this book is sure to reach awide audience-and attract the attention of both law enforcementagencies and the media.
Succeed in managing Oracle Application Express (APEX) environments. This book focuses on creating the right combination of scalability, high-availability, backup and recovery, integrity, and resource control. The book covers everything from simple to enterprise-class deployments, with emphasis on enterprise-level requirements and coverage of cloud and hybrid-cloud scenarios.
Many books cover how to develop applications in Oracle APEX. It’s a tool with a fast-growing user-base as developers come to know how quick and easy it is to create new applications that run in a browser. However, just getting an application off the ground is only a small part of a bigger picture. Applications must be supported. They must be available when users need them. They must be robust against disaster and secure against malicious attack. These are the issues addressed in Oracle Application Express Administration. These are the issues that when tackled successfully lead to long term success in using Oracle APEX as a rapid application-development toolset.
Readers of this book learn how to install the Oracle APEX engine in support of small-scale projects such as at the departmental level, and in support of enterprise-level projects accessed by thousands of users across dozens of time zones. Readers learn to take advantage of Oracle Database’s underlying feature set in regards to application scalability and performance, integrity, security, high-availability, and robustness against failure and data loss. Oracle Application Express Administration also describes different cloud solutions, integration with Oracle E-Business Suite, and helps in taking advantage of multitenancy in Oracle Database 12c and beyond.Covers important enterprise considerations such as scalability, robustness, high-availability.Describes cloud-based application deployment scenarios
Focuses on creating the right deployment environment for long-term success
What You Will LearnInstall, upgrade, and configure robust APEX environmentsBack up and recover APEX applications and their dataMonitor and tune the APEX engine and its applicationsBenefit from new administration features in APEX 5.0Run under multi-tenant architecture in Oracle Database 12cManage the use of scarce resources with Resource ManagerSecure your data with advanced security featuresBuild high-availability into your APEX deploymentsIntegrate APEX with Oracle E-Business Suite
Who This Book Is For

Architects, administrators, and developers who want to better understand how APEX works in a corporate environment. Readers will use this book to design deployment architectures around Oracle Database strengths like multi-tenancy, resource management, and high availability. The book is also useful to administrators responsible for installation and upgrade, backup and recovery, and the ongoing monitoring of the APEX engine and the applications built upon it.


©2018 GoogleSite Terms of ServicePrivacyDevelopersArtistsAbout Google|Location: United StatesLanguage: English (United States)
By purchasing this item, you are transacting with Google Payments and agreeing to the Google Payments Terms of Service and Privacy Notice.