Which database is more secure? Oracle vs. Microsoft

David Litchfield from NGSSoftware has posted an extremely interesting whitepaper comparing the numbers of security flaws identified by external security researchers and subsequently fixed by Oracle and Microsoft in regard to their database products. The paper makes very positive reading for Microsoft and seems to validate the SDL (Security Development Lifecycle) approach taken after Slammer. There have been no security flaws reported by external researchers for SQL 2005!
Published Friday, November 24, 2006 11:05 PM by sqldbatips
Filed under:


Saturday, November 25, 2006 7:13 PM by Brian Kelley

# NGSSoftware compares Oracle and SQL Server security

I first saw this at SQL Server MVP Jasper Smith's blog post Which database is more secure? Oracle vs....