At Recx we’ve been involved in the world of IT Security for more than a decade. We were
involved in some of the first penetration tests performed in the UK, where large organizations and
government departments allowed ethical hackers into their networks to determine the risk they
faced from what are now known as cyber attacks.
As web applications rose in popularity around the turn of the century, we worked to develop tools
and tactics to assist in attacking sites for customers. As more content was placed within web-based
systems, this area of research grew almost in tandem with the number of real-world attacks that
were happening against Internet-facing websites.
In recent years, we became exposed to Oracle Application Express (APEX) and realized that there
was no single resource for developers on securing their APEX applications. We were able to break
into APEX applications in a myriad of ways after learning about the unique structure of the APEX
environment. But we had to learn from scratch why the security flaws existed and how to explain to
developers the steps required to resolve the risks. We’ve collated this experience and advice into this
book to help any APEX developer create secure APEX applications.
Oracle APEX use is booming, and we’re seeing more Oracle customers choosing APEX for
presentation of their business data from the database. Some customers have hundreds of APEX
applications, ranging in complexity from simple data presentation and reporting through to complex
business process management and geospatial analysis. Many have serious security requirements and
need to ensure that their data is protected both from unknown parties operating on their networks,
and also their “trusted” users acting with malicious intent.
APEX is a great tool for rapidly getting raw data out of the database and into a familiar browser
environment for users. Whereas there is a gain in terms of functionality in this Rapid Application
Development (RAD) model, what we often see is a detrimental effect on security. That’s where Recx
comes in — we hope this book is useful for all levels of APEX developers to understand the common
risks faced by web applications, how they occur within APEX, and the simple steps required to
ensure applications are robust against attack.