Microsoft SQL Server Tops Oracle in Security Showdown?
Thursday September 20, 2007
Recently, an industry analyst posted the results of security study comparing three top databases: Microsoft SQL Server, Oracle and MySQL. Based upon those results, he claims that Microsoft SQL Server is the most secure database available on the market today.
Does this study hold water? In my opinion, it does not. The sole metric used was the number of vulnerabilities listed in the CVE database for each platform. This is merely an indication of the quantity of security-related flaws discovered in the platform. The study doesn't give any weight to the severity of the flaws or the likelihood of the existence of additional flaws.
Interested in the raw results? The study discovered that, during the reporting period, Oracle had 70 vulnerabilities, MySQL had 59 and SQL Server had only 2.
Does this study hold water? In my opinion, it does not. The sole metric used was the number of vulnerabilities listed in the CVE database for each platform. This is merely an indication of the quantity of security-related flaws discovered in the platform. The study doesn't give any weight to the severity of the flaws or the likelihood of the existence of additional flaws.
Interested in the raw results? The study discovered that, during the reporting period, Oracle had 70 vulnerabilities, MySQL had 59 and SQL Server had only 2.
Comments
No comments yet. Leave a Comment