Ever since Oracle started a quarterly patch cycle for security patches, it seems that people are more confused than ever. Should I be installing these things right away? What about testing? Are there functionality patches that are "snuck" into the security patches? My company has a four month testing cycle and it would be a full time job just to keep up with quarterly patches so can I just do them once a year?
These are all questions that can be asked and answered at the IOUG/Oracle Software Security Assurance Town Hall. We will have Senior Managers and Directors from all the security teams to answer these and any other security assurance questions. This does not mean that they will be trying to sell you new tools, but rather will be there to give you as much information as they can about security and how Oracle is trying to make all the software as secure as possible.
Have you wondered where the Configuration Manager information that is gathered goes? Have you not allowed the installer to gather information or include your e-mail because you don't want a more spam? Make sure to come to the session and ask how this information is really used.
I will be moderating this session on Sunday, October 11 at 10:30 in room 2003 in Moscone West. This will be an excellent opportunity to discuss any Oracle security questions with the people that know, or can find, the information. The database, applications, middleware, and My Oracle Support teams will all be represented. Check out the session information here. Make sure to reserve your seat through Content Builder today and get your questions answered!