Oracle Security’s Post

As I mentioned one of my last posts, Oracle Cloud has a new product, Zero Trust Packet Routing (ZPR). This product could be a game changer for improving cybersecurity. By embedding security at the packet level, one could improve if not eliminate security drift. Check ZPR out here: 👇 👇 👇 👇 👇 👇 👇 👇 👇

SANS Multi-Cloud Data Security Workshop - Featuring material from SEC510: Cloud Security Controls and Mitigations (event that run in 18 March 2024)   📌Many thanks to Brandon Evans for interesting and practical presentation (workshop with practical exercises, tests and use cases)   📌The recording of entire event can be accessed at: https://lnkd.in/dPMgYQUg    📌Many thanks to Cloud Security Alliance – SANS Institute for total support!   Many thanks to all those who participated in the event and who are part of the #Romanian and #Global #Cloud #Security #Community.   We will keep all of you posted on future events and will provide cloud security, legal, economic and technical valuable materials.   Follow us ! Join us ! Let's be the best together ! PS: For those who took part in the event, but did not manage to complete the registration form (with contact details), they can request the certificate of participation at [email protected]   #awareness #data #procedures #information #reglementation #research #online #cyber #prevention #protection #reaction #cybercrime #impact #crisis #prevention #cybersecurity #analysis #security #womenincyber #securitybydesign #digital #responsibility #technology #monitoring #communication #behavior #controlling #perspective #riskmanagement #dangerous #strategy #damages #privacy #data #dataintegrity #availability #resources #planning #assessment #vulnerabilities #exploits #capabilities #mission #control #incident #threatintelligence #measures #study #education #professional #team #leaders #risk #economic #financial #crime #sustainability #governance

🏁 Day - 104 Encryption over the wire: Encryption over the wire is now the default for current protocols. For instance, HTTPS is generally required for modern cloud APIs. Data engineers should always be aware of how keys are handled; bad key handling is a significant source of data leaks. In addition, HTTPS does nothing to protect data if bucket permissions are left open to the public, another cause of several data scandals over the last decade. Engineers should also be aware of the security limitations of older protocols. For example, FTP is simply not secure on a public network. While this may not appear to be a problem when data is already public, FTP is vulnerable to man-in-the-middle attacks, whereby an attacker intercepts downloaded data and changes it before it arrives at the client. It is best to simply avoid FTP. Make sure everything is encrypted over the wire, even with legacy protocols. When in doubt, use robust technology with encryption baked in. How it started: 👇 https://lnkd.in/gFtwbqkV #dataengineering #dataengineer #dataanalytics #datascience #datanerd

To progress effectively in cybersecurity, mastering the fundamentals is essential. That’s why I’m launching a series of "Back to Basics" articles, which will highlight key concepts that are important to understand. Here is the first article, focusing on the transport layer, specifically the TCP and UDP protocols. https://lnkd.in/gqMj5wbQ Happy reading!

Day -95 Encryption over the wire:- Encryption over the wire is now the default for current protocols. For instance, HTTPS is generally required for modern cloud APIs. Data engineers should always be aware of how keys are handled; bad key handling is a significant source of data leaks. In addition, HTTPS does nothing to protect data if bucket permissions are left open to the public, another cause of several data scandals over the last decade. Engineers should also be aware of the security limitations of older protocols. For example, FTP is simply not secure on a public network. While this may not appear to be a problem when data is already public, FTP is vulnerable to man-in-the-middle attacks, whereby an attacker intercepts downloaded data and changes it before it arrives at the client. It is best to simply avoid FTP. Make sure everything is encrypted over the wire, even with legacy protocols. When in doubt, use robust technology with encryption baked in. What made me to start #100daysofDataEngineering:- https://lnkd.in/gSw5Thm6 #bigdata #dataengineering #dataengineer #data #sql #security

The best defenses against #dataleakage are based on principles of security and visibility. These three simple steps will help you secure your data: comprehensive data discovery and classification, access review, and enforcement of least privilege access to sensitive data. #datasecurity #datadiscovery #dataclassification #dataaccessreview #leastprivilege #sensitivedata #plp #dataaccessgovernance #cloudsecurity

Day -95 Encryption over the wire:- Encryption over the wire is now the default for current protocols. For instance, HTTPS is generally required for modern cloud APIs. Data engineers should always be aware of how keys are handled; bad key handling is a significant source of data leaks. In addition, HTTPS does nothing to protect data if bucket permissions are left open to the public, another cause of several data scandals over the last decade. Engineers should also be aware of the security limitations of older protocols. For example, FTP is simply not secure on a public network. While this may not appear to be a problem when data is already public, FTP is vulnerable to man-in-the-middle attacks, whereby an attacker intercepts downloaded data and changes it before it arrives at the client. It is best to simply avoid FTP. Make sure everything is encrypted over the wire, even with legacy protocols. When in doubt, use robust technology with encryption baked in. What made me to start #100daysofDataEngineering:- https://lnkd.in/gSw5Thm6 #bigdata #dataengineering #dataengineer #data #sql #security

Achieving #compliance in the world of file-based integrations is necessary to ensure data protection as well as Enterprise's reputation. Elevate your data security standards with #Axway #MFT. MFT allows for ⚔ Layered security architecture, 🔒 Streamlining the encryption needs, 🔑 Strong access control measures and 🔍 comprehensive monitoring across the transactions and user activity. For in-depth details on how #PCI-DSS is covered, visit my new blog here - https://lnkd.in/gDAXKYKx

Data visibility and security are more critical than ever. Discover how combining IBM Discover and Classify with Guardium offers a powerful solution to protect sensitive information across your organization. Dive into how these tools can help you stay ahead of potential threats and maintain compliance. https://hubs.ly/Q02PSL180 #DataSecurity #CyberResilience #DataProtection #IBMSecurity #IBMAmplify #IBMPartners

In 2023, the global cost of a data breach, on average, hit an astonishing $4.45 million, according to IBM. As organizations continue to adopt microservices and serverless architectures for modern data pipelines, it is high time for robust security and privacy measures. Data breaches can result in financial losses, regulatory penalties, and a decline in customer trust without proper safeguards. Click on this link to learn how to secure your data pipelines and prevent costly risks: https://lnkd.in/gUH-XvxS #Wissen #DataSecurity #CyberSecurity #Data #ModernDataArchitecture #Microservices #Serverless