Oracle Database Listener Security Guide – Rewritten For Oracle 12.2
In October 2002 Integrigy first posted a guide to securing the Oracle Listener. Since then this whitepaper has been our most popular download. This month we rewrote the whitepaper for Oracle 12c,...
View ArticleOracle Listener Security New ORACLE 12.2 Firewall Feature
Service-Level ALCs is a new feature of the 12.2 Listener that allows every database service to have its own ACL. The ACL must be based on IP addresses and this feature allows multitenant pluggable...
View ArticleClik here to view.
Capture Change Ticket Numbers In Oracle Database Audit Streams
Reconciling database events to ticket numbers is a time consuming manual task that can be easily automated. The solution is to populate the client_id context variable that is a standard feature of the...
View ArticleClik here to view.
Logging PeopleSoft, E-Business Suite and SAP End-Users in Oracle RDBMS Audit...
Logging and auditing database connections to application users for SAP, PeopleSoft and the E-Business Suite is possible with a standard feature of the Oracle RDBMS. SAP, PeopleSoft and the E-Business...
View ArticleClik here to view.
Oracle Data Definition Language (DDL) Auditing
Relational databases use DDL statements to define structures such as tables to store data and functions to store code. Monitoring, auditing and logging changes to DDL are key components of a database...
View ArticleOracle Audit Trail Add Program Name
The program name attribute (V$SESSION.PROGRAM) is not by default passed to Oracle’s audit logs. It can be optionally included. To do so, apply Patch 7023214 on the source database. After the patch is...
View ArticleOracle Unified Auditing Performance Issues and 12.2 Improvements
For those of you using and/or considering Unified Auditing, in case you might have missed, Oracle has made significant changes to Unified Auditing in 12.2. Unified Auditing, new in Oracle 12c,...
View ArticleClik here to view.
The Thrifty DBA Does Database Security
To properly secure an Oracle database requires significant effort and often expensive security add-on products. The Thrifty DBA likes having secure databases, but doesn't like to spend money on...
View ArticleClik here to view.
SCAP OVAL Example Check for Oracle
The attached is a SCAP OVAL example Check for Oracle RDBMS. Please use it for testing and demonstration purposes only. To use the attached, rename the .txt extension to .xml and if you have questions...
View ArticleClik here to view.
STIGS, SCAP, OVAL, Oracle Databases and ERP Security
Last week’s unprecedented ransomware cyber attacks (http://preview.tinyurl.com/lhjfjgk) caught me working through some research on security automation. The cyber attacks evidently were attributed to an...
View ArticleClik here to view.
SCAP OVAL Oracle SQL57_TEST Example
The attached is a SCAP OVAL sql57_test example for the Oracle E-Business Suite - it will suffice for any Oracle database. To use the attached, rename the .txt extension to .xml and if you have...
View ArticleSCAP OVAL SQL57_TEST Example For Oracle E-Business Suite
Last week I posted a blog introducing SCAP and OVAL. Here is a quick follow-up with a link to a sql57_test example using the Oracle E-Business Suite - it will suffice for any Oracle database.A great...
View ArticleIntegrigy at Oracle Open World 2017
Integrigy will be presenting again this year on database security at Oracle Open World 2017 (San Francisco, October 1-5). If you will be attending Open World, please join us for this informative...
View ArticleClik here to view.
Hacking an Oracle Database and How to Prevent It
Oracle Databases are a target of cyber-attacks by hackers looking to obtain sensitive data such as credit card numbers and personally identifiable information used in identify theft. Even though...
View ArticleIntegrigy at COLLABORATE 19 - Oracle E-Business Suite Security, Database...
Heading to COLLABORATE 19? For the 12th consecutive year, Integrigy will be presenting on Oracle E-Business security, Oracle Database security, and PeopleSoft security. If you will be attending, be...
View ArticleUpcoming Webinar: Is Your Sensitive Data Playing Hide and Seek with You?
Is Your Sensitive Data Playing Hide and Seek with You? Thursday, December 12, 2019 - 2:00 pm ESTYour Oracle databases and ERP applications may contain sensitive personal data like Social Security...
View ArticleClik here to view.
Is Your Sensitive Data Playing Hide and Seek with You?
Your Oracle databases and ERP applications may contain sensitive personal data like Social Security numbers, credit card numbers, addresses, date of births, and salary information. Understanding in...
View ArticleClik here to view.
Change Your Thinking About Security with Oracle Database in the Cloud
How does database security change when you move to the Cloud? Security does change and how to handle database security needs to change when running databases in the Cloud. However, you still own your...
View ArticleClik here to view.
The Tools Hackers Are Using Against Your Oracle Database
Oracle Databases are a target of cyber-attacks by hackers looking to obtain sensitive data such as credit card numbers and personally identifiable information used in identify theft. Even though...
View ArticleClik here to view.
The Thrifty DBAs Guide to Open Source Database Security Tools
To properly secure an Oracle database requires significant effort and often expensive security add-on products. The Thrifty DBA likes having secure databases, but doesn’t like to spend money on...
View Article