The benchmark could keep application vendors in the security loop following the sale. Last week’s announcement by the U.S. Department of Energy that it will require Oracle Corp. to deliver software that’s configured for optimal security and then provide immediate postdeployment support for security patches may signal the beginning of a dramatically different security model for the government and industry, security experts said. The potential shift stems from the government’s push to use a new security configuration benchmark developed by the Center for Internet Security (CIS) to test and certify Oracle database versions 8i and 9i running on Windows and Unix. The benchmark, developed with dozens of Oracle software users and the SANS Institute through the CIS, will be available to anyone, free of charge, at the CIS Web site. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.