Oracle APEX Security Tutorial
Learn how to harden your Oracle APEX applications! Prevent cross site scripting, SQL injection and more.
Oracle Application Express (APEX) has many security related features that help developers create applications that are guarded from today’s web based threats. But if developers are unaware of these features, how they work and what they guard against, then it is likely they will create applications with at least a few security holes. In this tutorial you will see demos of certain exploits, including Cross Site Scripting and SQL injection, and subsequently learn how to protect against them using the correct feature(s) in APEX or Oracle in general.
This free training is segmented into several separate lessons:
- Overview (1:21)
- Is APEX Secure (1:13) (click on video below) (click to read the Transcript)
- Controlling Access (0:57)
- Authentication Schemes (3:08)
- Conditions vs Authorization (12:45)
- Protect the Ends (12:45)
- Propagate the WHERE (3:47)
- Session State Protection (8:44)
- Other Session State Protection (3:24)
- SQL Injection (5:16)
- Cross Site Scripting (9:05)
Date: Sep 27, 2012
NOTE: Some corporate firewalls will not allow videos hosted by YouTube.