Application Express (ApEx)

Oracle Application Express (Oracle APEX), formerly called HTML DB, is a rapid web application development tool for the Oracle database. Using only a web browser and limited programming experience, you can develop and deploy professional applications that are both fast and secure. Oracle application express combines the qualities of a personal database, productivity, ease of use, and flexibility with the qualities of an enterprise database, security, integrity, scalability, availability and built for the web. Application Express is a tool to build web-based applications and the application development environment is also conveniently web-based.

A more generic description is needed, this is a copy from the Oracle ApEx Site


 * ApEx:XSS
 * ApEx:SQL injection
 * ApEx:URL Tampering
 * ApEx:Authentication
 * ApEx:Authorization Schemes
 * ApEx:Defence in depth
 * ApEx:Configuration
 * ApEx:Google dorks
 * ApEx:Architecture

External Resources
There have been two books written specifically about Oracle APEX and security, both released in 2013.


 * [1] Expert Oracle Application Express Security
 * [2] Hands-On Oracle Application Express Security: Building Secure Apex Applications