Oracle Alienates Security Researchers with Hostile Blog Post

Oracle damaged its relationship with security researchers and customers when its Chief Security Officer (CSO) threatened those who independently evaluate the security of Oracle’s software. In a blog post, the CSO criticized customers for scanning Oracle’s software for security vulnerabilities, and revealed that Oracle threatens legal action against those who persist in the practice. The post was widely condemned by security researchers, who called it “crazy,” “arrogant,” and “dangerous.” Oracle removed the blog post and issued a statement that the post “does not reflect our beliefs or our relationship with our customers” but, in the words of one reporter, “the public relations damage [was] already done.”