As many of you have probably heard, there has been much discussion this year regarding vulnerabilities in PeopleSoft’s PS_TOKEN. The talk all started after a presentation from ERPScan, which basically said that a PeopleSoft node’s password can be gained by brute force against a PS_TOKEN. This would allow someone to… Read More »Disabling PS_TOKEN with PSEatCookies Filter
Time for everyone’s favorite language: COBOL! Well, it’s not my favorite, and probably not your favorite, but it is important to PeopleSoft. Many core programs in HR use COBOL and will most likely stay COBOL for a while. Those COBOL programs are stable, fast, and once you compile you rarely… Read More »All About COBOL
We are setting up some new web servers and need to implement strong security on them. By default, a fresh PIA install on WebLogic 11g (compatible with 8.50-8.53) will have SSL enabled, weak ciphers, and missing the full strength cryptography libraries. For a secure web server, we’ll want to make… Read More »Enhanced Security with JSSE/JCE on WebLogic