Summary
Security is not an easy subject, and should be considered all the time and with each piece of code that you write. All layers involved with Oracle Application Express should involve insecurity; this means the web server, database, and the application itself. There is a fine balance between security and productivity. Too much security means a hard time doing your job, and too little means exposing the system to a security breach. Basic security hardening is just a matter of knowing where the weaknesses are. Organizations need to have their patches and CPU patches strategy in place. Patching is very important when hardening security. Think about security before it is too late, as it could have negative consequences for you and your organization!
A general advice is making use of Application Express built-in security capabilities and the Application Express Advisor.
Besides this, perform an Application Express analysis by making use of third-party analysis tools.
