Security Blogs

I did a talk in Slovenia in 2022 that explores the questions, "What is Database Vault?" and "What can we do if we don't have Database Vault?". I have posted the slides to our website today and the talk is....[Read More]

Posted by Pete On 18/09/23 At 01:00 PM

I did a talk in 2022 called CreatingOnion Layers of Security and as you can see from the previous link I have posted a pdf of my MS PPT slides to our website. I have also added the talk to....[Read More]

Posted by Pete On 15/09/23 At 02:01 PM

I did a talk at the beginning of the year virtually in Slovenia at a security conference. The slides are available and I have added the paper also to our Oracle Security White Papers page . I have spoken about....[Read More]

Posted by Pete On 11/09/23 At 11:21 AM

I have been going through my laptop and found that I have quite a few presentations on my laptop that have not been uploaded to our website so I have decided to start to upload a few one by one....[Read More]

Posted by Pete On 08/09/23 At 01:23 PM

I wrote a short blog post last week regarding GDPR and the Oracle database and discussed at a high level the main articles that could affect your security plans for an Oracle database. As I said last week GDPR Speaks....[Read More]

Posted by Pete On 04/09/23 At 12:16 PM

I received a copy of Jamal Ahmeds book The Easy Peasy Guide to the GDPR last night. Of course I have not had chance to read it fully yet BUT I did have a read of the introduction and recommendations....[Read More]

Posted by Pete On 25/08/23 At 11:59 AM

This has become a multi-part post about Traditional Audit in the 23c database. The first part - Oracle 23c Traditional Audit De-supported - discussed the fact that traditional audit is de-supported in 23c BUT if you migrate and the older....[Read More]

Posted by Pete On 21/08/23 At 01:00 PM

I run a company that specialises in securing data for customers in their Oracle databases but I still love to code in many languages. This can either be for customers projects or to create tools to use myself in helping....[Read More]

Posted by Pete On 17/08/23 At 01:21 PM

I wrote a post at the end of last week that told that Oracle deprecated traditional audit in 21c and de-supported it in 23c. Oracle honour the traditional audit settings in 23c if you migrated from an older database BUT....[Read More]

Posted by Pete On 14/08/23 At 09:28 AM

It has been a long time coming. Traditional audit has been around since Oracle 6 and the new unified audit was added 10 years ago in Oracle 12c; at first unified audit was in a secure file and was slow....[Read More]

Posted by Pete On 11/08/23 At 02:45 PM

It has been possible to wrap PL/SQL for many years using Oracle tools and in the first iterations in Oracle 7 this was done with the Oracle 7 wrap.exe and this progressed through Oracle 8, 8i and finally 9iR2 also....[Read More]

Posted by Pete On 31/07/23 At 10:18 AM

I recently released part one of a three part post about securing data in an Oracle database. That post was titled " Securing Insecure Oracle Databases " and can be read by following the link. As we discussed in the....[Read More]

Posted by Pete On 20/07/23 At 12:24 PM

First, before we get into the subject of the blog; I just received an email from the Oracle ACE program and I have been awarded Oracle ACE for another year until end of May 2024; hopefully more years after that....[Read More]

Posted by Pete On 14/07/23 At 01:34 PM

I had a call from a long time customer yesterday whilst I was travelling. They are no where near going to cloud yet even for some test/dev type databases. They have quite a lot of databases and around 80% fall....[Read More]

Posted by Pete On 11/07/23 At 11:33 AM

Protecting legacy applications and legacy Oracle databases is hard because of the application was not written in house or is third party custom written or a COTS package then the database design was not done by you and is not....[Read More]

Posted by Pete On 07/07/23 At 10:37 AM

I had an email from an Oracle colleague a few days ago asking me a question about Oracle Unified Audit in 19c. He wanted to be able to track when someone with the DBA role accesses objects in a particular....[Read More]

Posted by Pete On 03/07/23 At 03:17 PM

Happy 29th June - One day late as I was working with a customer yesterday. This date, 29th June for me seems to be like November the 5th 1955 for Back To The Future. I was at Selby railway station....[Read More]

Posted by Pete On 30/06/23 At 10:31 AM

Oracle has added the ability to create read only users in 23c. This is by using a new ALTER USER or CREATE USER syntax and including the READ ONLY or READ WRITE clauses. Lets do a simple demo of this....[Read More]

Posted by Pete On 26/06/23 At 12:04 PM

I have recently posted a 3 part series exploring at a high level the new SQL Firewall released in Oracle 23c Free. The parts are: Part 1 - Introduction: Part 2 - Learning and set up phase: Part 3....[Read More]

Posted by Pete On 22/06/23 At 12:42 PM

This is the third part of a series of posts discussing and testing the new SQL Firewall released in 23c Free recently. The three parts are: Part 1 - Introduction : This is this post where we introduce the SQL....[Read More]

Posted by Pete On 19/06/23 At 09:16 AM