• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 920
  • Last Modified:

Security Assessment

The application system is a client-server application. The clients run on Windows XP and the Database server is on Oracle 9i. What are security checklist to access the application & security checklist for the database.
The objective is to access the security of the application, and if there is vulnerabalities.
Can someone point me to both of the checklists.

0
Arifnor
Asked:
Arifnor
  • 6
  • 4
3 Solutions
 
ArifnorAuthor Commented:
Hi Sarang,

Your list are good. But would be better, if you can add few more checklists (even a generic will be fine) on application security (what are those security functionalities that must be there at the client & the server) & also Oracle Security Checklist.

I am waiting for your response. Thanks.
0
 
sarangk_14Commented:
Hi,

I have included the oracle checklists (last 2 items) in my previous post.
Can you provide more details on the platform used for the application?
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
ArifnorAuthor Commented:
Hi,
The client platform is on Windows XP, The database server is Oracle 9i running on top HP_UX 11, Domain Servers running on Windows 2003.
BTW, I cannot access cissecurity, as I am not a member, can you pass those document to me :-).

Hope to get positive response, especially cissecurity documents.
0
 
sarangk_14Commented:
Well, the membership to CIS is free, you just need to register on the web-site.
0
 
sarangk_14Commented:
A small correction, the membership is not free, but you can register on the links page and download the documents free of cost.
0
 
ArifnorAuthor Commented:
Thanks Sarang,

Any last advice from you in term security assessment before I close the question and accept as a solution. Especially on HP-UX & Oracle.
0
 
sarangk_14Commented:
Visit the NIST NVD (National Vulnerability Database) for guidance more on DBs and O/Ss.
For App Sec purposes, OWASP and SANS websites can be life-savers.
http://nvd.nist.gov/
www.owasp.org/
http://www.sans-ssi.org/

Warm regards,
Sarang
0
 
ArifnorAuthor Commented:
Execellent resource link for everyone.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now