Petefinnigan - petefinnigan.com - Pete Finnigan's Oracle security weblog
General Information:
Latest News:
Oracle 12c Security - SQL Translation and Last Logins 31 Jul 2013 | 02:12 pm
There has been some big new security items added to 12cR1 such as SHA2 in DBMS_CRYPTO, code based security in PL/SQL, Data Redaction, unified audit or even privilege analysis but also as I hinted in s...
Hacking Oracle 12c COMMON Users 23 Jul 2013 | 05:53 pm
The main new feature of Oracle 12cR1 has to be the multitennant architecture that allows tennant databases to be added or plugged into a container database. I am interested in the security of this of ...
Oracle Security Loop hole from Steve Karam 23 Jul 2013 | 05:53 pm
I just saw a link to a post by Steve Karam on an ISACA list and went for a look. The post is titled " Password Verification Security Loophole ". This is an interesting post discussing the fact that AL...
Oracle Database 12c Security Auditing 8 Jul 2013 | 08:31 pm
I started to ask a question a few blog posts ago about how does the 12cR1 database affect database security audits. I have decided to come back to it now as it is a good chance to do so. I....[Read Mo...
Oracle 12cR1 Database Security - Default Users 5 Jul 2013 | 05:26 pm
Has the problem of default users got bigger or smaller in 12cR1. I have some figures that I have collected over the years from various versions of the Oracle database (these figures are for different ...
Oracle Database 12c Security - Privileges and users - The Beginning 5 Jul 2013 | 05:26 pm
In this blog post is to look at some high level things to do with database users (for me) in terms of planning security assessments in the 12c database. This is to get some ground rules down when cons...
Oracle 12c Security 4 Jul 2013 | 01:24 pm
Well it has been a long time to wait for 12cR1 to be released. The beta program has been on for a long time and I was not involved so I didnt get to see 12c until last week for....[Read More] Posted ...
Credit Card Security and Passport Security 24 Jun 2013 | 02:25 pm
Credit card security should be important for all those concerned with handling and processing credit cards. My company does security audits of Oracle databases and we quite often get involved in credi...
Oracle Security Posts And Conferences 14 Jun 2013 | 12:58 pm
The latter part of the title of this blog post first!. I submitted a couple of entries for the up-coming UKOUG Oracle conference this year; I hope that they will be accepted. The Judging process is on...
Oracle Security WebSite Woes! 12 Jun 2013 | 04:19 pm
For the last week some of you may have noticed issues with our website PeteFinnigan.com as at times it failed completely or was giving 403 errors even where there was no protected regions of the site ...