Author Archives: rlockard
Here we’re just discussing Database Firewall! Oracle AVDF 20.7 now supports TLS. Here I’m using TLS Conn 1 and TLS Conn 2 to represent two distint TLS connections. For database firewall to use this, the traffic must be decrypted at … Continue reading
Dude, it’s easy! Download the wallet. I will rename the zip file to something that makes sense to me. In this case avdf_test_db.zip (that’s because I’m using this database to test Audit Vault Database Firewall. See, it makes sense! startup … Continue reading
Statistics data is stored in the sysaux tablespace, if you’re not using full database encryption, then you have unencrypted data. In OCI, this is encrypted by default.
If you use datapump to get an export of your database, then please encrypt your exports. Even if you’re using TDE, this spillage can happen. To fix this, use the encryption parameter on the command line. This will prevent data … Continue reading
–As a user with create role privileges and the ability to grant — the required privileges to the role. ie: DBA conn rob_dba@demo create role <role>; grant <privilege> on <object owner>.<object name> to <role>; grant <role> to <package owner> with … Continue reading
After migrating your database to OCI; if you don’t need the data anymore on your local system(s), you should do a secure delete on all your local datafiles. If you are going to need the data again, then move the … Continue reading
Do you see the problem with the following code fragment?c##sec_admin > administer key management set keystore open identified by SecretPassword; If your network is not encrypted, your password will be sent in the clear. This is part of the huge advantage … Continue reading
Ya’ know, it’d be really nice if someone put together some baseline security standards for the Oracle database. Well, you can find those is a couple of places. These tools checklist are free to use. Now, I’m partial to the … Continue reading
Oracle AFDF can track the usage of sensitive data in your database, this includes, who can access, who has made changes, and access by privileged users. Improving your ability to keep an eye on what is happening with sensitive data. … Continue reading
We’re going to be discussing database parameters that if not set correctly, it will allow hackers full access to the database.
Oracle Privilege Analysis for testing, before moving to production. #LeastPrivilege #Infosec #Oracle #Privileged
In the testing phase, we normally test functionality and break the application. There is something that’s missing. Now, most developers are not experts in how privileges work in Oracle, this is not a bad thing because privileges can be complex … Continue reading
May 6, 2017 the Economist published an article that data is more valuable than oil. https://www.economist.com/leaders/2017/05/06/the-worlds-most-valuable-resource-is-no-longer-oil-but-data Every year I “try” to figure out what tools I need to sharpen, what tools I need to pick up, and what tools can … Continue reading
I get to chat with Liron Amitzi and Jim (The Why Guy) Czuprynski about what interest me the most. Keeping your IT infrastructure safe and culture. https://beyondtechskills.com/episodes/if-you-aint-paranoid-you-aint-payin-attention-rob-lockard-on-cybersecurity-culture#T
I had the pleasure of chatting with Peter Wahl, Oracle Principle Product Manager for Encryption and Secrets. He gives a great talk on Transparent Data Encryption and Oracle Key Vault.
It seems not a day goes by where I’m not humbled in some way or another. Frequently this happens due to limits of my knowledge or something I’d forgotten. There is a wrinkle when you combine Unified Auditing and Virtual … Continue reading
Where am I speaking this fall? Poland and Croatia conferences have been confirmed. Waiting for Spain, and ECOUG. Let’s get back to normal and be safe about it. Looks like I’ll be busy for the next several months. Life is … Continue reading
Life is busy and good; new Some of y’all may already know, after almost thirty years of working for myself, I accepted a position with Accenture Enkitec Group as Technology Innovation Principal Director and the Global Lead for Database Security. … Continue reading
March and April are booking up fast. Getting real busy and loving life. Utah Oracle Users Group (UTOUG) March 17 – 18 Keynote: “Curves ahead: Emerging technology threats.”, “Holistic Database Security in the cloud.”, and “PL/SQL Secure Coding in the … Continue reading
In our series on the future of AI, here is the interview with Sandesh Rao, VP Autonomous Health and Machine Learning at Oracle
I’ve spoken in the past about the utility of blockchain, to create a table that can not be altered. Oracle 21C is now available in OCI. The syntax to create a blockchain table is quite simple. create blockchain table test … Continue reading
We have people giving opinions on a complex subject that for all practical purposes seem to contradict each other. I’ll give them this, they are some smart people; all of them have demonstrated vision and accomplished quite a few things … Continue reading