The Oracle Applications Security Blog will be an unique analysis and commentary on Oracle related security topics, especially related to Oracle Applications (the official product name is "Oracle E-Business Suite"). Since the Oracle Applications technology stack also includes most of the other Oracle products, I will also cover the Oracle Database, Oracle Application Server, and Oracle development products.
My goal is to use this as a forum for some experimentation into presenting security topics in a different way.
I believe the security community generally does a poor job of communicating with the rest of world and does not understand the Oracle products. I am looking to borrow techniques and ideas from other disciplines, like economic forecasting, to provide information that will help you to make better decisions and plans related to the security of your Oracle implemenations.
Please feel free to e-mail me any comments, suggestions, or other feedback. As this is an on-going "project" (aka experiment), I am more than open to feedback either positive or negative.
- Stephen Kost