Monday Feb 21, 2011

Register Today for Free Webinar: Oracle Security Online Forum Feb. 24

Oracle and Accenture are holding a new joint event focusing on security. The event will feature great line-up of speakers and sessions that will last from 9:00-1:00pm PT on Thursday, Feb. 24. The event will focus on Security topics that face the enterprise today. The event kicks-off with a keynote presentation detailing emerging security trends and where we think security is headed in the next decade. Please join us for 30 minutes or the entire day.

Key Speakers:

  • Mary Ann Davidson, Oracle’s Chief Security Officer, on industry-leading standards, technologies, and practices that ensure that Oracle products—and your entire system—remain as secure as possible.

  • Jeff Margolies, Partner, Accenture’s Security Practice—on key security trends and solutions to prepare for in 2011 and beyond.

  • Vipin Samar, Vice President of Oracle Database Security solutions—on new approaches to protecting data and database infrastructure against evolving threats.

  • Tom Kyte, Senior Technical Architect and Oracle Database Guru—on how you can safeguard your enterprise application data with Oracle’s Database Security solutions.

  • Nishant Kaushik, Chief Identity Strategist—on how organizations can look to Oracle Identity Management solutions to help them reduce fraud and streamline compliance.

Full List of Sessions: Look here for sessions tab for list

Thursday Aug 26, 2010

Register Today for Free Webinar: Simplify Access Management with F5 & Oracle

On Thursday, August 26.  We are hosting a webcast that will take you through the solution and talk about why we believe this will simplify Access Management.  Please join us as F5 and Oracle product experts explain this simple solution.

Title: Live Webcast: Streamline Access Management with F5 & Oracle

When:  Thursday, August 26, 2010, 10:00 a.m. PT or 1:00 p.m. ET

Where: Register for this live webcast here: Streamline Access Management with F5 & Oracle

Tuesday Aug 17, 2010

Free Webinar Aug. 18: Quick-Start Compliance with Identity Analytics

Identity compliance projects don't have to be hard!  The key to any successful project in IT is delivering value to the business quickly!  It is critical to then leverage those early wins into larger wins for the organization.  When I used to coach I likened this to walking up a staircase.  McKinsey used the analogy to describe the approach successful companies took to manage successful growth. (take a look here)  

Oracle Identity Analytics provides a set of tools that can help organizations take the first step up that staircase to Compliance quickly.  The approach allows organizations to show value quickly and then build upon those early wins to build better security into the organization.  This webcast tomorrow will give insight into how organizations can build in proper segregation of duties, 360 degree review's and proper attestation of roles.  One customer of the product used to print out a conference room of paper and had his compliance auditors and business managers review the roles and access rights to meet compliance.  Imagine if you had the tools to ensure you could make this process easier.  Register today and find out how.

Register Today Here:

 

Customer Stories: Tackling Compliance Challenges with Oracle Identity Analytics

Date: Wednesday, August 18, 2010
Time: 10:00 am PT / 1:00 pm ET

Featured Speakers:

Naynesh Patel,
Partner,
Simeio Solutions
Neil Gandhi,
Principal Product Manager,
Oracle Identity Analytics,
Oracle Corporation

Wednesday Aug 11, 2010

New Download Instructions for Oracle Directory Services Enterprise Edition

The Zone Manager, also known as Brad Diggs, has written a comprehensive blog post (here) on how to get Directory Server Enterprise Edition from Oracle.  As a strategic product, we released a new version of Directory Server Enterprise Edition 11gR1 which Brad also gives great instructions on how to download.  

Also, stay tuned for updated information on our upcoming Oracle Open World plans.  If you have not registered yet, please go to the following page to get more information and register today.


Tuesday Jul 20, 2010

Last Chance to Register: Identity Management 11g Launch Webcast


Date: Wednesday, July 21, 2010
Time: 10:00 a.m. PT / 1:00 p.m. ET

Register here

Thursday Jun 10, 2010

Register for Free Webinar: Neil Gandhi on Identity Analytics ROI

Is your Identity Compliance project a GIANT Headache?  If so, then we have the little blue pill for your  compliance headache.  The reason why many organizations experience pain in the compliance programs they run is because of the lack of automated tools, impact to productivity and lack of ongoing actionable information.  I have seen this first hand.   Organizations usually rely upon project managers and excel spreadsheets collect information from business units and project teams.  This then leads to massive efforts to fill in information and send them back to the central team for documentation and reporting to the auditors.  Ultimately, this information is old before it is collated into the binders and the report is issued.  However, the real result is usually a GIANT HEADACHE for everyone involved.

As Identity theft outpaces any other theft and security challenges for organizations, the problem needs a more efficient solution with better processes and better tools.  Business leaders will believe in investment when they can see better utilization of key resources, better on-going information, proven segregation of duties, and ultimately better security. 

Niel Gandhi, has the "Advil" for your compliance headache with Oracle Identity Analytics.  Register here for the FREE webinar on the ROI of using Identity Analytics.  He is has years of experience solving these problems for organizations around the world.  Additionally, he has extensive experience as Principal Product Manager, Identity Analytics.  Here are a couple of the topics that he will cover in the event:

  • Automate critical identity-based controls such as attestation and segregation of duties
  • Analyze, mine, and correlate user roles for compliant and efficient user access
  • Build comprehensive reports for audit, compliance, and business purposes
  • Utilize business-friendly compliance dashboards and metrics
  • Give a 360-degree view of user’s access and achieve rapid compliance

However, the ultimate goal of his presentation is to make sure you have concrete ways to help you solve your Compliance Headache without breaking the bank.  Hope to see you there!

Live Webcast: Maximize Compliance ROI With Oracle Identity Analytics
Register Here

Date: Thursday, June 24, 2010
Time: 10:00 am PT / 1:00 pm ET


Tuesday Apr 27, 2010

Iron Man 2, Identity Security, Directory Services and the Cloud

If you are a security expert and you have not been to the new Oracle Iron Man 2 website you have to take a look at the cool demo site listed under "Stark Expo".  The intro has a great security questionnaire on Security in the cloud in an cutting edge interface.  If you read yesterday's blog, and went to the Iron-Clad Cloud: Secure Cloud Computing article in the new Security Newsletter, you were able to get an insight into way's Oracle can help secure the cloud.  You will also do well on the questionnaire at "Stark Expo".

 Go Check it out!

In Iron Man 2, Oracle is a proud sponsor of Stark Expo, a world-class tradeshow that depends on a cloud computing architecture to ensure that all systems are free from overload. And that’s where you come in: by becoming a Master Cloud Operative, you’ll help keep Stark Expo up and running. Complete your training, test your troubleshooting skills, and get certified in the Oracle Pavilion.

Friday Apr 23, 2010

New Oracle Security Newsletter

Oracle Identity and Database Security Teams have created a new Security Newsletter. The Newsletter launches this week and will be distributed to customer's who have signed up for the Newsletter via Oracle.com.

In each edition, you'll find news, blog posts, events, webcasts, and much more covering Oracle's Security Solutions. Whether your focus is on identity management or database security, each issue will be filled with the information you need to secure your database, middleware, and applications, and meet IT compliance requirements.

In this inaugural version of the newsletter you will find content on:

You can see the entire newsletter here

Register for future versions of the newsletter by following the directions here.  You can also see samples of all the different newsletter content that is available to stay current and aware of the latest leading news from Oracle.

Friday Nov 13, 2009

Identity in Healthcare Webinar Nov. 18

The  Sun Identity Management team will be giving a webinar next Wednesday to discuss the very important topic of Identity Management and healthcare.  As the healthcare legislation moves through congress the increase of 36M patients on healthcare providers, insurance companies, and patients will be profound.  The cost savings projected by the bills will rely on IT systems to provide increased access to information to drive productivity gains.  As we have seen with recent high profile identity security breeches at hospitals identity security is critical in making sure the right people have access to the appropriate information, that information must be shared with all members of the value chain securely.

Sun's Identity Management Suite provides a powerful package of solutions to help with storing identity information with Directory Server Enterprise Edition;  managing authorization, federation and web services security with OpenSSO; providing provisioning solutions with Identity Manager; and, defining and managing role based access control with Role Manager.

Join this free Webinar to learn how Sun's identity management solutions can help your organization to:

  • Automate management of digital identities for other providers, patients, physicians, clinicians, and payors Provide single sign-on (SSO) and secure federated access to privacy-regulated healthcare information while adhering to strict mandates
  • Enable delegated, self-service password management
  • Comply with the Health Insurance Portability and Accountability Act (HIPAA), internal security policies, and corporate governance policies with complete auditing and reporting capabilities

Sun identity management solutions make it easier for healthcare organizations to manage and share digital information.

Register here.

Topic: Topic: Sun Webinar Series - Identity Management for Healthcare
Date: Wednesday, November 18, 2009
Time: 10:00 am PDT / 1:00 pm EDT / 19.00 CET (check my timezone)
Duration: 1 hour
Speaker:

Sun Product Manager Suresh Sridharan


Saturday Jan 17, 2009

Identity Security Webinar Wednesday, Jan. 21: OpenSSO and OpenDS in One Powerful Solution

There is a great webinar being offered on Wednesday, Jan. 21 which you may have missed the announcement because of all the excitement about the Inauguration and Martin Luther King Holiday in the US.  Daniel Raskin, Product Line Manager OpenSSO, and Jamie Nelson, Director of Engineering for OpenSSO, will be talking about the current release as well as the plans for the next release of OpenSSO Express.  There are already 200 registrants and there is a cap at 250 so register now so you don't get left out!

The Directory crowd should be interested as well, because OpenDS is bundled with OpenSSO and is used as OpenSSO's policy store and can be leveraged as a user store as well.  Here are the details:

Sun Software Webinar:
See how Sun's OpenSSO Enterprise provides a single solution for Web access management, federation, and Web services security.

Join Sun for a live webinar on one of today's most exciting aspects of identity management! During this session, we will discuss OpenSSO innovation and how it pushes access management, federation, and secure Web services capabilities to a new level. Learn how to solve challenges around these capabilities with a single solution.


Event:  Access Management, Federation, and Secure Web Services with OpenSSO Enterprise
Date:  Wednesday, January 21, 2009
Time:  10:00 am PST / 1:00 pm EST

» Register Now

This webinar will be presented by Sun's OpenSSO experts: Daniel Raskin, the senior product line manager, and Jamie Nelson, the director of engineering.
We hope that you can join us!

If you have any questions or feedback, please send a message to SWI_Webinar_Inquiries@sun.com.

Thank you,
Sun Microsystems, Inc.

Sunday Apr 27, 2008

Security Vulnerability in Sun Java System Directory Proxy Server 6.2

Please see original security alert notification at http://sunsolve.sun.com/search/document.do?assetkey=1-66-235381-1

Document Audience:

PUBLIC
Document ID: 235381
Title: Security Vulnerability in Sun Java System Directory Proxy Server May Grant Unauthorized Administrative Access
Copyright Notice: Copyright © 2008 Sun Microsystems, Inc. All Rights Reserved
Update Date: Fri Apr 25 00:00:00 MDT 2008

Solution Type Sun Alert

Solution  235381 :   Security Vulnerability in Sun Java System Directory Proxy Server May Grant Unauthorized Administrative Access  


Related Categories
  • Home>Content>Sun Alert Criteria Categories>Security
  •  
  • Home>Content>Sun Alert Release Phase>Resolved
  •  

Bug ID
6666615

Product
Sun Java System Directory Server 6.0, 6.1, 6.2, Enterprise Edition

Date of Resolved Release
25-Apr-2008

SA Document Body
Security Vulnerability in Sun Java System Directory Proxy Server 
May Grant Unauthorized Administrative Access

1. Impact

A security vulnerability in the Sun Java System Directory Proxy Server may allow a remote unprivileged user to gain unauthorized administrative access to the server. This is caused by the server incorrectly classifying a connection based on the "bind-dn" criteria, resulting in an incorrect policy being applied.

2. Contributing Factors

This issue can occur in the following releases for all platforms (Solaris 8, 9, and 10 SPARC and x86 Platforms, Linux, Windows, and HP-UX):
  • Directory Server Enterprise Edition 6.0, 6.1 and 6.2
Note: Directory Proxy Server 5.2 is not impacted by this issue.


To determine if the Directory Server running on a system is affected, the following command can be used:

$ dpadm -V

If the output contains the version string 6.0, 6.1 or 6.2, the system is affected by this issue.

3. Symptoms

There are no predictable symptoms that would indicate this issue has been exploited.

4. Workaround

There is no workaround for this issue. Please see the Resolution section below.

5. Resolution

This issue is addressed in the following releases:

DSEE 6.3 Native Package Versions:
  • Solaris 9 and 10 SPARC patch 125276-07 or later
  • Solaris 9 x86 patch 125277-07 or later   
  • Solaris 10 x86 and x64 patch 125278-07 or later
  • Linux patch 125309-07 or later
DSEE 6.3 PatchZIP (Compressed Archive) versions:
  • Solaris 9 and 10 SPARC patch 126748-04 or later
  • Solaris 9 x86 patch 126749-04 or later
  • Solaris 10 x86 and x64 patch 126750-04 or later
  • Linux patch 126751-04 or later
  • Windows patch 126753-04 or later
  • HP-UX patch 126752-04 or later
Note: The above patches can be installed on any impacted release to upgrade it to version 6.3, thereby resolving this issue.

For more information on the upgrade process please see the following:

Directory Server 6.3 Release Notes are available at:


and the Directory Server 6.3 Installation Guide is available at:


For more information on Security Sun Alerts, see Technical Instruction ID 213557.

This Sun Alert notification is being provided to you on an "AS IS" basis. This Sun Alert notification may contain information provided by third parties. The issues described in this Sun Alert notification may or may not impact your system(s). Sun makes no representations, warranties, or guarantees as to the information contained herein. ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This Sun Alert notification contains Sun proprietary and confidential information. It is being provided to you pursuant to the provisions of your agreement to purchase services from Sun, or, if you do not have such an agreement, the Sun.com Terms of Use. This Sun Alert notification may only be used for the purposes contemplated by these agreements.

Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.


Attachments
This solution has no attachment
About

This blog provides information regarding the Oracle Directory Server Enterprise Edition and Oracle Unified Directory products. Use this blog to get the latest breaking information regarding releases and updates plus other technical and non-technical information.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today