Using Oracle Solaris to Secure Your Web Applications from Common Attacks

Version 1

    Nowadays, people are paying increased attention to the security of web applications deployed on premises or in the cloud. How do you protect your web applications from known vulnerabilities, such as Apache Struts 2 remote command execution and Apache Commons Collections deserialization, or any unknown vulnerabilities? The built-in security capabilities of Oracle Solaris can help you. In this hands-on lab (HOL), you will learn how to use Oracle Solaris security features, such as process privilege management, auditing, Oracle Solaris Immutable Zones, Oracle Solaris IP Filter, and ZFS encryption, to prevent common web application attacks, provide data safety, and detect intrusion quickly. The lab also demonstrates how to use Oracle Solaris virtualization technologies to isolate the web server from denial-of-service (DoS) attacks.

     

    By Yu Wang, Ran Cheng and Gang Wang, Oracle