Pete Finnigan

Subscribe to Pete Finnigan feed Pete Finnigan
PeteFinnigan.com's weblog is the only weblog dedicated to Oracle security.
Updated: 13 hours 40 min ago

Oracle Security - Hidden Grant When Create a Role and Revoke in a CDB

Tue, 2022-06-07 18:26
I am keen to reduce grants made in any customers database. One area we can focus on is this curios state of affairs that the creator of a role in the Oracle database is also granted that role as part....[Read More]

Posted by Pete On 07/06/22 At 10:31 AM

Categories: Security Blogs

Adaptive Database Auditing and Security

Wed, 2022-05-25 19:06
We are working with customers to design security for their Oracle databases and also to help and design audit trails. An audit trail is the easiest countermeasure or control that can be added to a database because if you do....[Read More]

Posted by Pete On 25/05/22 At 07:38 PM

Categories: Security Blogs

The challenges of securing data in an Oracle database

Wed, 2022-05-11 07:06
I will be doing a talk at an even in Eight Members Club Bank, 1 Change Alley, London,EC3V 3ND on the 14th June 2022. The event runs from 8am to 10am. The event is free to attend and to register....[Read More]

Posted by Pete On 11/05/22 At 10:04 AM

Categories: Security Blogs

Add License Checks Anywhere in your PL/SQL

Thu, 2022-03-31 01:46
Our product PFCLObfuscate allows dynamic obfuscation of PL/SQL. The original use of this in the product was to add licensing automatically to PL/SQL. This is similar to products that protect binaries such as C programs or DLLs. It is common....[Read More]

Posted by PFCLObfuscate On 30/03/22 At 05:31 PM

Categories: Security Blogs

Software from Building Blocks - Fast Development - One Month Projects

Tue, 2022-03-22 16:26
More than 20 years ago I was working away from home and was in a loud restaurant / bar in London and chatting to colleagues there and we were all talking about ways to make money and ideas. I proposed....[Read More]

Posted by Pete On 22/03/22 At 06:33 PM

Categories: Security Blogs

Make Pete Finnigan a remote expert part of your team

Thu, 2022-03-10 10:06
Over the last few years I have personally been asked many times to come and work full time in large companies to head up or direct their Oracle security efforts or more general database security efforts. Others ask us to....[Read More]

Posted by Pete On 10/03/22 At 01:40 PM

Categories: Security Blogs

Do we Need to Revoke PUBLIC from a User?

Wed, 2022-03-02 18:46
I was having a discussion a couple of weeks ago with a friend and he said that in the company he is working at the Oracle database security standard / guide that they are working to told them that they....[Read More]

Posted by Pete On 02/03/22 At 02:37 PM

Categories: Security Blogs

Strong Passwords with Oracle Wallets

Wed, 2022-02-23 22:06
I get involved a lot in recent years with Oracle SSL, TLS, TCPS, Kerberos and more. A lot more customers now are trying to use stronger database authentication as well as TLS/SSL encryption and many other features such as full....[Read More]

Posted by Pete On 23/02/22 At 02:01 PM

Categories: Security Blogs

How I Write an Oracle Security Training Course

Tue, 2022-02-15 12:26
I mentioned a couple of weeks ago on Social media and also briefly in a blog post here that I am writing a new two day class "Oracle Database Vault Deep Dive". That is the working name at the moment....[Read More]

Posted by Pete On 15/02/22 At 11:17 AM

Categories: Security Blogs

Happy 19th Birthday PeteFinnigan.com Limited

Sat, 2022-02-12 11:06
Just a short blog to wish my company PeteFinnigan.com Limited a happy 19th birthday. 19 years ago today, the 12th February 2003: I registered and launched the company 19 years ago to specialise in all things Oracle security. We focus....[Read More]

Posted by Pete On 12/02/22 At 09:50 AM

Categories: Security Blogs

Pete, Did You Deliver The Wrong Product?

Thu, 2022-02-10 22:26
We sell a number of software products aimed at helping secure data in an Oracle database and we get this issue / point / question coming up from time to time. Yesterday morning I got an email from a customer....[Read More]

Posted by PFCLScan On 10/02/22 At 02:21 PM

Categories: Security Blogs

How do we Train Staff to do Oracle Security?

Tue, 2022-02-08 15:26
I am asked this question comes up a lot and indeed this morning on a webex it came up again so I decided to discuss this question here. I started in this Oracle Security space a very long time ago....[Read More]

Posted by Pete On 08/02/22 At 02:21 PM

Categories: Security Blogs

Looking Forwards To 2022!!

Fri, 2022-02-04 01:26
NOTE: I wrote this post back in January and then just after posting it the web server crashed. So, I guess a small number of people may have seen it before. It is essentially the same post now except for....[Read More]

Posted by Pete On 03/02/22 At 02:13 PM

Categories: Security Blogs

Joel Kalllman Day

Wed, 2021-10-13 08:06
I saw a few tweets yesterday about Joel Kallman and liked a few and shared one (maybe two) and then I saw Tim Halls post that talked about Joel Kallman day. I decided to do a quick blog now to....[Read More]

Posted by Pete On 13/10/21 At 12:02 PM

Categories: Security Blogs

Designing Good Audit Trails for an Oracle Database

Thu, 2021-09-23 11:46
I have been asked to speak at the UKOUG Autumn Tech event. This is an online conference event and the agenda grid is live and I will speak at 15:00 to 15:45 BUT the link to the details of my....[Read More]

Posted by Pete On 23/09/21 At 09:58 AM

Categories: Security Blogs

Happy 17th Birthday to this Oracle Security Blog

Thu, 2021-09-16 14:46
It is almost 17 years since I started this blog on the 20th of September 2004. I had actually already been sort of blogging without blog software before that since 10th February 2004 with my ramblings section of my website....[Read More]

Posted by Pete On 16/09/21 At 11:24 AM

Categories: Security Blogs

Register for a Free Webinar with PFCLForensics for Breached Oracle Databases

Tue, 2021-09-14 07:46
I will be giving a free webinar hosted with our reseller/distributer in Slovenia and the Balkans region - Palsit . The free webinar is at 09:00 UK time or 10:00 CET time on the 22nd September 2021. In this webinar....[Read More]

Posted by Pete On 14/09/21 At 01:28 PM

Categories: Security Blogs

PFCLForensics is released a tool for forensic analysis of a breached database

Thu, 2021-09-09 17:46
We have had a very busy year despite the Covid pandemic. I personally managed to catch covid last January and was very unwell for weeks with coviid and then many many weeks recovering after that. Then I managed to get....[Read More]

Posted by Pete On 09/09/21 At 01:53 PM

Categories: Security Blogs

Should We Security Patch Oracle Databases?

Mon, 2021-07-12 22:46
Spoiler: Of course! Security patching of Oracle databases can be a touchy and complex subject for some companies. It is perceived to be complex; companies don’t want the downtime; business is worried that a security patch can break the applications....[Read More]

Posted by Pete On 12/07/21 At 03:33 PM

Categories: Security Blogs

Unwrapping PL/SQL Source Code and Proving the Code is Recovered

Tue, 2021-07-06 20:06
We get asked by people if we can recover customers PL/SQL quite a few times a year. This is because they no longer have access to the original clear text PL/SQL. We can of course get this code back for....[Read More]

Posted by Pete On 06/07/21 At 04:00 PM

Categories: Security Blogs

Pages