Category Archives: infosec

Oracle Audit Vault Database Firewall 20.7 Adds TLS support

Here we’re just discussing Database Firewall! Oracle AVDF 20.7 now supports TLS. Here I’m using TLS Conn 1 and TLS Conn 2 to represent two distinct TLS connections. For database firewall to use this, the traffic must be decrypted at … Continue reading

Posted in infosec

Connect #sqlcl to your cloud database. #quicktip

Dude, it’s easy! Download the wallet. I will rename the zip file to something that makes sense to me. In this case avdf_test_db.zip (that’s because I’m using this database to test Audit Vault Database Firewall). See, it makes sense! startup … Continue reading

Data spillage #quicktip

Statistics data is stored in the sysaux tablespace; if you’re not using full database encryption, then you have unencrypted data. In OCI, this is encrypted by default.

Oracle datapump prevent spillage #quicktip

If you use datapump to get an export of your database, then please encrypt your exports. Even if you’re using TDE, this spillage can happen. To fix this, use the encryption parameter on the command line. This will prevent data … Continue reading

PL/SQL Granting Roles to Packages #Quicktip

-- As a user with create role privileges and the ability to grant -- the required privileges to the role. ie: DBA conn rob_dba@demo create role <role>; grant <privilege> on <object owner>.<object name> to <role>; grant <role> to <package owner> with … Continue reading

After your migration to OCI, #quicktip

After migrating your database to OCI, if you don’t need the data anymore on your local system(s), you should do a secure delete on all your local datafiles. If you are going to need the data again, then move the … Continue reading

Password problems.

Do you see the problem with the following code fragment? c##sec_admin > administer key management set keystore open identified by SecretPassword; If your network is not encrypted, your password will be sent in the clear. This is part of the huge advantage … Continue reading

Oracle Database Baseline Security Standards

Ya’ know, it’d be really nice if someone put together some baseline security standards for the Oracle database. Well, you can find those in a couple of places. These tools and checklists are free to use. Now, I’m partial to the … Continue reading

Oracle Audit Vault / Database Firewall (AVDF) 20.7 and Sensitive data discovery.

Oracle AVDF can track the usage of sensitive data in your database; this includes who can access it, who has made changes, and access by privileged users. This improves your ability to keep an eye on what is happening with sensitive data. … Continue reading

Oracle database security quick tip.

We’re going to be discussing database parameters that, if not set correctly, will allow hackers full access to the database.

Oracle Privilege Analysis for testing, before moving to production. #LeastPrivilege #Infosec #Oracle #Privileged

In the testing phase, we normally test functionality and break the application. There is something that’s missing. Now, most developers are not experts in how privileges work in Oracle, this is not a bad thing because privileges can be complex … Continue reading

Data is the king, what to expect in 2022

On May 6, 2017, The Economist published an article saying that data is more valuable than oil. https://www.economist.com/leaders/2017/05/06/the-worlds-most-valuable-resource-is-no-longer-oil-but-data Every year I “try” to figure out what tools I need to sharpen, what tools I need to pick up, and what tools can … Continue reading

Database Security with Oracle ACE Director Jim Czuprynski

Liron Amitzi – A conversation on database security

My views on in person conferences, safety in the time of COVID-19

Cybersecurity, culture, travel, and keeping your IT infrastructure safe.

I get to chat with Liron Amitzi and Jim (The Why Guy) Czuprynski about what interests me the most. Keeping your IT infrastructure safe and culture. https://beyondtechskills.com/episodes/if-you-aint-paranoid-you-aint-payin-attention-rob-lockard-on-cybersecurity-culture#T

Transparent Data Encryption and Oracle Key Vault with Peter Wahl.

I had the pleasure of chatting with Peter Wahl, Oracle Principal Product Manager for Encryption and Secrets. He gives a great talk on Transparent Data Encryption and Oracle Key Vault.

Posted in encryption, infosec, Security

There have been some changes. #Accenture #DatabaseSecurity #InfoSec

Life is busy and good; new Some of y’all may already know, after almost thirty years of working for myself, I accepted a position with Accenture Enkitec Group as Technology Innovation Principal Director and the Global Lead for Database Security. … Continue reading

Upcoming talks UTOUG, INSYNC, and Uzbekistan INHA University.

March and April are booking up fast. Getting real busy and loving life. Utah Oracle Users Group (UTOUG) March 17 – 18 Keynote: “Curves ahead: Emerging technology threats.”, “Holistic Database Security in the cloud.”, and “PL/SQL Secure Coding in the … Continue reading

The Future of #AI with Sandesh Rao

In our series on the future of AI, here is the interview with Sandesh Rao, VP Autonomous Health and Machine Learning at Oracle.

Oracle 21C, new feature blockchain tables.

I’ve spoken in the past about the utility of blockchain, to create a table that cannot be altered. Oracle 21C is now available in OCI. The syntax to create a blockchain table is quite simple. create blockchain table test … Continue reading

The future of #AI.

We have people giving opinions on a complex subject that for all practical purposes seem to contradict each other. I’ll give them this, they are some smart people; all of them have demonstrated vision and accomplished quite a few things … Continue reading

Effective Emails #BLUF

Yes, this is a bit outside of my specialty; however, I receive somewhere between four and five hundred emails a day. Some are informational, some require me to make a decision, others are requests. There is a US DOD standard … Continue reading

Upcoming talks.

On 20 October I’ll be speaking at the Spanish Oracle Users Group on Holistic Database Security. Registration URL to follow. On 29 October I’ll be giving the talk “Staying Current in a constantly changing IT Environment”. This talk is open … Continue reading

AI Ops with Sandesh Rao

Monday, August 31st at 1800, Sandesh Rao, VP AI Ops and Machine Learning for Oracle Corporation, will be giving a talk on AI Ops. Predict failures, make IT Operations easy. This is a no cost webinar. Registration link at the … Continue reading
