The Oracle Security blog discusses Oracle's security policies and practices, and explores security trends.

Security Trends

Oracle Security

Processor vulnerabilities CVE-2018-3640 (“Spectre v3a”) and CVE-2018-3639 (“Spectre v4”)

The Oracle security and development teams are aware of vulnerability CVE-2018-3640 (a.k.a. “Spectre v3a”) and CVE-2018-3639 (a.k.a. “Spectre v4”).  Oracle is...

Industry Insights

What Is Assurance and Why Does It Matter?

If you are an old security hand, you can skip reading this. If you think "assurance" is something you pay for so your repair bills are covered if someone hits...

Security Trends

The State of Open Source Security

Open source components have played a growing role in software development (commercial and in-house development). The traditional role of a developer has evolved...

Industry Insights

Common Criteria and the Future of Security Evaluations

For years, I (and many others) have recommended that customers demand more of their information technology suppliers in terms of security assurance – that is,...


Integrated Cloud Applications & Platform Services