Which database is more secure? Oracle vs. Microsoft

David Litchfield from NGSSoftware has posted an extremely interesting whitepaper comparing the numbers of security flaws identified by external security researchers and subsequently fixed by Oracle and Microsoft in regard to their database products. The paper makes very positive reading for Microsoft and seems to validate the SDL (Security Development Lifecycle) approach taken after Slammer. There have been no security flaws reported by external researchers for SQL 2005!
Published 24 November 2006 23:05 by sqldbatips
Filed under:

Comments

25 November 2006 19:13 by Brian Kelley

# NGSSoftware compares Oracle and SQL Server security

I first saw this at SQL Server MVP Jasper Smith's blog post Which database is more secure? Oracle vs....