Category Archives: infosec
Oracle Machine Learning Scratchpad new feature.
I’ve been working learning Oracle Machine Learning and noticed a new feature this morning. You now have the ability to run R scripts in scratchpad.
Oracle Audit Vault Database Firewall 20.7 Adds TLS support
Here we’re just discussing Database Firewall! Oracle AVDF 20.7 now supports TLS. Here I’m using TLS Conn 1 and TLS Conn 2 to represent two distint TLS connections. For database firewall to use this, the traffic must be decrypted at … Continue reading
Connect #sqlcl to your cloud database. #quicktip
Dude, it’s easy! Download the wallet. I will rename the zip file to something that makes sense to me. In this case avdf_test_db.zip (that’s because I’m using this database to test Audit Vault Database Firewall. See, it makes sense! startup … Continue reading
Data spillage #quicktip
Statistics data is stored in the sysaux tablespace, if you’re not using full database encryption, then you have unencrypted data. In OCI, this is encrypted by default.
Oracle datapump prevent spillage #quiktip
If you use datapump to get an export of your database, then please encrypt your exports. Even if you’re using TDE, this spillage can happen. To fix this, use the encryption parameter on the command line. This will prevent data … Continue reading
PL/SQL Granting Roles to Packages #Quicktip
–As a user with create role privileges and the ability to grant — the required privileges to the role. ie: DBA conn rob_dba@demo create role <role>; grant <privilege> on <object owner>.<object name> to <role>; grant <role> to <package owner> with … Continue reading
After your migration to OCI, #quicktip
After migrating your database to OCI; if you don’t need the data anymore on your local system(s), you should do a secure delete on all your local datafiles. If you are going to need the data again, then move the … Continue reading
Password problems.
Do you see the problem with the following code fragment?c##sec_admin > administer key management set keystore open identified by SecretPassword; If your network is not encrypted, your password will be sent in the clear. This is part of the huge advantage … Continue reading
Oracle Database Baseline Security Standards
Ya’ know, it’d be really nice if someone put together some baseline security standards for the Oracle database. Well, you can find those is a couple of places. These tools checklist are free to use. Now, I’m partial to the … Continue reading
Oracle Audit Vault / Database Firewall (AVDF) 20.7 and Sensitive data discovery.
Oracle AFDF can track the usage of sensitive data in your database, this includes, who can access, who has made changes, and access by privileged users. Improving your ability to keep an eye on what is happening with sensitive data. … Continue reading
Oracle database security quick tip.
We’re going to be discussing database parameters that if not set correctly, it will allow hackers full access to the database.
Oracle Privilege Analysis for testing, before moving to production. #LeastPrivilege #Infosec #Oracle #Privileged
In the testing phase, we normally test functionality and break the application. There is something that’s missing. Now, most developers are not experts in how privileges work in Oracle, this is not a bad thing because privileges can be complex … Continue reading
Data is the king, what to expect in 2022
May 6, 2017 the Economist published an article that data is more valuable than oil. https://www.economist.com/leaders/2017/05/06/the-worlds-most-valuable-resource-is-no-longer-oil-but-data Every year I “try” to figure out what tools I need to sharpen, what tools I need to pick up, and what tools can … Continue reading
Cybersecurity, culture, travel, and keeping your IT infrastructure safe.
I get to chat with Liron Amitzi and Jim (The Why Guy) Czuprynski about what interest me the most. Keeping your IT infrastructure safe and culture. https://beyondtechskills.com/episodes/if-you-aint-paranoid-you-aint-payin-attention-rob-lockard-on-cybersecurity-culture#T
Transparant Data Encryption and Oracle Key Vault with Peter Wahl.
I had the pleasure of chatting with Peter Wahl, Oracle Principle Product Manager for Encryption and Secrets. He gives a great talk on Transparent Data Encryption and Oracle Key Vault.
There has been some changes. #Accenture #DatabaseSecurity #InfoSec
Life is busy and good; new Some of y’all may already know, after almost thirty years of working for myself, I accepted a position with Accenture Enkitec Group as Technology Innovation Principal Director and the Global Lead for Database Security. … Continue reading
Upcoming talks UTOUG, INSYNC, and Uzbekistan INHA University.
March and April are booking up fast. Getting real busy and loving life. Utah Oracle Users Group (UTOUG) March 17 – 18 Keynote: “Curves ahead: Emerging technology threats.”, “Holistic Database Security in the cloud.”, and “PL/SQL Secure Coding in the … Continue reading
The Future of #AI with Sandesh Rao
In our series on the future of AI, here is the interview with Sandesh Rao, VP Autonomous Health and Machine Learning at Oracle
Oracle 21C, new feature blockchain tables.
I’ve spoken in the past about the utility of blockchain, to create a table that can not be altered. Oracle 21C is now available in OCI. The syntax to create a blockchain table is quite simple. create blockchain table test … Continue reading
The future of #AI.
We have people giving opinions on a complex subject that for all practical purposes seem to contradict each other. I’ll give them this, they are some smart people; all of them have demonstrated vision and accomplished quite a few things … Continue reading
Effective Emails #BLUF
Yes, this is a bit outside of my specialty; however, I receive somewhere between four to five hundred emails a day. Some are informational, some require me to make a decision, others are request. There is a US DOD standard … Continue reading
Upcoming talks.
On 20 October I’ll be speaking at the Spanish Oracle Users Group on Holistic Database Security. Registration URL to follow. On 29 October I’ll be giving the talk “Staying Current in a constantly changing IT Environment” This talk is open … Continue reading