Pete Finnigan

Subscribe to Pete Finnigan feed Pete Finnigan's weblog is the only weblog dedicated to Oracle security.
Updated: 6 hours 27 min ago

Looking for GRANT ALL on objects

Fri, 2022-10-21 15:26
This is the second part of the GRANT ALL on objects post that I made recently. This final look at this issue covers a simple SQL script that can be used to locate common objects where GRANT ALL has been....[Read More]

Posted by Pete On 21/10/22 At 10:14 AM

Categories: Security Blogs

Adding Scripting Languages to PL/SQL Applications - Part 1

Sat, 2022-10-01 01:06
That is an interesting title. PL/SQL is a scripting language so why would I want to talk about adding another scripting language to PL/SQL or even adding a compiler to PL/SQL. First what possibilities are there? PL/SQL can be used....[Read More]

Posted by Pete On 30/09/22 At 12:49 PM

Categories: Security Blogs

Granting ALL on Database Objects

Tue, 2022-08-09 09:06
I was asked by a friend a few days ago a few questions related to the granting of ALL on a database object such as a table or a PL/SQL package. For example - GRANT ALL ON OWNER.TABLE TO DAVE....[Read More]

Posted by Pete On 09/08/22 At 12:46 PM

Categories: Security Blogs

Do You Worry Your Companies data is Being Stolen?

Fri, 2022-08-05 13:26
The number of data breaches is seemingly growing daily and a lot of companies worry that they could be the next statistic of misery and embarrassment. Do you lose sleep worrying that your company could be breached and its data....[Read More]

Posted by Pete On 05/08/22 At 12:47 PM

Categories: Security Blogs

Searchlight a Product to Make Finding Data Easy

Fri, 2022-07-29 16:26
Do you need to comply with GDPR and protect personal data but have no idea where to start to locate that data? Searchlight; is a tool to find your data . Limited have become the reseller for a great....[Read More]

Posted by Searchlight On 29/07/22 At 11:22 AM

Categories: Security Blogs

Oracle Security - Hidden Grant When Create a Role and Revoke in a CDB

Tue, 2022-06-07 18:26
I am keen to reduce grants made in any customers database. One area we can focus on is this curios state of affairs that the creator of a role in the Oracle database is also granted that role as part....[Read More]

Posted by Pete On 07/06/22 At 10:31 AM

Categories: Security Blogs

Adaptive Database Auditing and Security

Wed, 2022-05-25 19:06
We are working with customers to design security for their Oracle databases and also to help and design audit trails. An audit trail is the easiest countermeasure or control that can be added to a database because if you do....[Read More]

Posted by Pete On 25/05/22 At 07:38 PM

Categories: Security Blogs

The challenges of securing data in an Oracle database

Wed, 2022-05-11 07:06
I will be doing a talk at an even in Eight Members Club Bank, 1 Change Alley, London,EC3V 3ND on the 14th June 2022. The event runs from 8am to 10am. The event is free to attend and to register....[Read More]

Posted by Pete On 11/05/22 At 10:04 AM

Categories: Security Blogs

Add License Checks Anywhere in your PL/SQL

Thu, 2022-03-31 01:46
Our product PFCLObfuscate allows dynamic obfuscation of PL/SQL. The original use of this in the product was to add licensing automatically to PL/SQL. This is similar to products that protect binaries such as C programs or DLLs. It is common....[Read More]

Posted by PFCLObfuscate On 30/03/22 At 05:31 PM

Categories: Security Blogs

Software from Building Blocks - Fast Development - One Month Projects

Tue, 2022-03-22 16:26
More than 20 years ago I was working away from home and was in a loud restaurant / bar in London and chatting to colleagues there and we were all talking about ways to make money and ideas. I proposed....[Read More]

Posted by Pete On 22/03/22 At 06:33 PM

Categories: Security Blogs

Make Pete Finnigan a remote expert part of your team

Thu, 2022-03-10 10:06
Over the last few years I have personally been asked many times to come and work full time in large companies to head up or direct their Oracle security efforts or more general database security efforts. Others ask us to....[Read More]

Posted by Pete On 10/03/22 At 01:40 PM

Categories: Security Blogs

Do we Need to Revoke PUBLIC from a User?

Wed, 2022-03-02 18:46
I was having a discussion a couple of weeks ago with a friend and he said that in the company he is working at the Oracle database security standard / guide that they are working to told them that they....[Read More]

Posted by Pete On 02/03/22 At 02:37 PM

Categories: Security Blogs

Strong Passwords with Oracle Wallets

Wed, 2022-02-23 22:06
I get involved a lot in recent years with Oracle SSL, TLS, TCPS, Kerberos and more. A lot more customers now are trying to use stronger database authentication as well as TLS/SSL encryption and many other features such as full....[Read More]

Posted by Pete On 23/02/22 At 02:01 PM

Categories: Security Blogs

How I Write an Oracle Security Training Course

Tue, 2022-02-15 12:26
I mentioned a couple of weeks ago on Social media and also briefly in a blog post here that I am writing a new two day class "Oracle Database Vault Deep Dive". That is the working name at the moment....[Read More]

Posted by Pete On 15/02/22 At 11:17 AM

Categories: Security Blogs

Happy 19th Birthday Limited

Sat, 2022-02-12 11:06
Just a short blog to wish my company Limited a happy 19th birthday. 19 years ago today, the 12th February 2003: I registered and launched the company 19 years ago to specialise in all things Oracle security. We focus....[Read More]

Posted by Pete On 12/02/22 At 09:50 AM

Categories: Security Blogs

Pete, Did You Deliver The Wrong Product?

Thu, 2022-02-10 22:26
We sell a number of software products aimed at helping secure data in an Oracle database and we get this issue / point / question coming up from time to time. Yesterday morning I got an email from a customer....[Read More]

Posted by PFCLScan On 10/02/22 At 02:21 PM

Categories: Security Blogs

How do we Train Staff to do Oracle Security?

Tue, 2022-02-08 15:26
I am asked this question comes up a lot and indeed this morning on a webex it came up again so I decided to discuss this question here. I started in this Oracle Security space a very long time ago....[Read More]

Posted by Pete On 08/02/22 At 02:21 PM

Categories: Security Blogs

Looking Forwards To 2022!!

Fri, 2022-02-04 01:26
NOTE: I wrote this post back in January and then just after posting it the web server crashed. So, I guess a small number of people may have seen it before. It is essentially the same post now except for....[Read More]

Posted by Pete On 03/02/22 At 02:13 PM

Categories: Security Blogs

Joel Kalllman Day

Wed, 2021-10-13 08:06
I saw a few tweets yesterday about Joel Kallman and liked a few and shared one (maybe two) and then I saw Tim Halls post that talked about Joel Kallman day. I decided to do a quick blog now to....[Read More]

Posted by Pete On 13/10/21 At 12:02 PM

Categories: Security Blogs

Designing Good Audit Trails for an Oracle Database

Thu, 2021-09-23 11:46
I have been asked to speak at the UKOUG Autumn Tech event. This is an online conference event and the agenda grid is live and I will speak at 15:00 to 15:45 BUT the link to the details of my....[Read More]

Posted by Pete On 23/09/21 At 09:58 AM

Categories: Security Blogs