Pete Finnigan

Subscribe to Pete Finnigan feed Pete Finnigan's weblog is the only weblog dedicated to Oracle security.
Updated: 11 hours 4 min ago

Is SQL Injection A WebSite Problem?

Fri, 2017-03-31 12:06
I saw a post on RobLockards Facebook page this week where he said some people have suggested that his SQL Injection talk only shows calling a procedure from SQLCl and not a web page and he suggests that he may....[Read More]

Posted by Pete On 31/03/17 At 03:38 PM

Categories: Security Blogs

Can You Say That An Oracle Database is nn% secure?

Thu, 2017-03-23 21:26
I often get this type of question from customers and also from people I speak to and even a few times by email. The question is "can you tell us how secure our database is?", is it 10% secure, is....[Read More]

Posted by Pete On 23/03/17 At 03:22 PM

Categories: Security Blogs

PFCLScan - A Security Scanner For Oracle Databases - New Website

Thu, 2017-03-23 03:06
Our software product PFCLScan can be used to assess your Oracle databases for security issues that could make your data vulnerable to loss or attack. PFCLScan initially had its own website, but since the restyle and redesign of our....[Read More]

Posted by Pete On 22/03/17 At 08:24 PM

Categories: Security Blogs

Validating The Length Of An Oracle Database Hashed password?

Thu, 2017-03-16 06:06
Q: Can I validate the length of a password in the Oracle database from the password hash? I have been asked this question a number of times over the years. Even someone emailed me to confirm the answer to this....[Read More]

Posted by Pete On 15/03/17 At 07:52 PM

Categories: Security Blogs

Default Password Hashes for 11g Oracle Database

Tue, 2017-03-14 17:26
I often get Oracle Security related questions from people randomly sent to my inbox or occasionally on Social media and less on on this sites forum. I get questions on average probably 4 times per week in these ways. I....[Read More]

Posted by Pete On 14/03/17 At 06:16 PM

Categories: Security Blogs

12.2 is Available For Download For Linux And Solaris

Thu, 2017-03-02 11:06
The Oracle database 12.2 has been available on the cloud for some time but it has not been available for download so that you can install it on your own servers or virtual Machines. You can download from OTN or....[Read More]

Posted by Pete On 02/03/17 At 09:10 AM

Categories: Security Blogs

Delete from AUD$

Tue, 2017-02-28 22:26
We have been working on a new audit trail toolkit / product for some time now which is called PFCLATK - The PFCL means "P"ete"F"innigan."C"om "L"imited so most of our tools products end up with a consistent name starting PFCL....[Read More]

Posted by Pete On 28/02/17 At 01:06 PM

Categories: Security Blogs

Fourteenth Anniversary For Limited And New Website

Thu, 2017-02-23 14:26
Wow, has it really been fourteen years since I started Limited? - Time has gone so fast and business is getting better and better. We have great customers, great Oracle Security trainings and consulting projects meeting new people and....[Read More]

Posted by Pete On 23/02/17 At 06:33 PM

Categories: Security Blogs

Two New Oracle Security Public Class Dates

Thu, 2017-01-12 15:26

I will be teaching two of my Oracle Security classes with Oracle University soon. The first is my class "Securing and Locking Down Oracle Databases". This class will be taught on the 24th January on-line via the Oracle LVC platform....[Read More]

Posted by Pete On 12/01/17 At 02:47 PM

Categories: Security Blogs

Oracle Security And Merry Xmas And A Happy New Year

Fri, 2016-12-16 21:46

I want to wish all readers of my site and this blog a very happy Christmas and a very prosperous New Year!! It has been some time since my last blog post; that's because we have been incredibly busy on....[Read More]

Posted by Pete On 16/12/16 At 08:54 PM

Categories: Security Blogs

Data Loss

Thu, 2016-09-01 01:26

Quite obviously (well its obvious to me!) one of the areas I am very interested in is data loss / data theft / data security and of course specifically Oracle security. We spend a lot of time looking at customers....[Read More]

Posted by Pete On 31/08/16 At 08:17 PM

Categories: Security Blogs

Oracle Security Training

Mon, 2016-08-22 21:46

We provide expert Oracle Security training classes world wide to many customers privately and also at public events; either as in person classes where the instructor travels to you or via webex where the instructor teaches the classes remotely. We....[Read More]

Posted by Pete On 22/08/16 At 03:52 PM

Categories: Security Blogs

Data Exposure, leakage and Reporting

Wed, 2016-08-10 16:46

I have had an interesting few interactions over the last week or so regarding data supposedly leaked from my website. This is interesting from two perspectives. The first is that three people emailed me and told me that my website....[Read More]

Posted by Pete On 10/08/16 At 10:23 AM

Categories: Security Blogs

Oracle Security Talks, Training and Conferences

Mon, 2016-08-08 09:46

Kamil Stawiarski who runs Database Whisperers sp. z o. o. sp. k., an Oracle specialist consulting company in Poland and whose company is also a reseller for our Oracle database security scanner PFCLScan in Poland has invited me to speak....[Read More]

Posted by Pete On 08/08/16 At 12:48 PM

Categories: Security Blogs

Oracle Security Expert Seminar

Fri, 2016-07-08 21:46

I am happy to announce that I will be teaching a five day Oracle Security expert seminar class with Oracle University at Oracle offices in Reading, UK from September 26th to September 30th 2016. This is a 5 days expert....[Read More]

Posted by Pete On 08/07/16 At 02:45 PM

Categories: Security Blogs

5 Days Expert Oracle Security Training In Paris - 20th June 2016

Wed, 2016-06-15 17:35

I will be teaching 5 days on my Oracle security classes in Paris from 20th June to 24th June with Oracle University at their offices and training suite. Details of the Oracle Security Event and how to register on Oracles....[Read More]

Posted by Pete On 06/06/16 At 09:59 AM

Categories: Security Blogs

Amis Conference June 2nd and 3rd

Wed, 2016-06-15 17:35

I will be at the Amis conference next Friday in Leiden not far from Amsterdam in Holland. The conference is held over two days, June 2nd and 3rd But I will be there just on the Friday due to other....[Read More]

Posted by Pete On 26/05/16 At 11:28 AM

Categories: Security Blogs

Are Zero Days or Bugs Fixed by CPU The Worst?

Wed, 2016-06-15 17:35

I spoke yesterday about compartmentalising Oracle Security and one element that comes out of this is the need to consider what you are trying to achieve; secure actual data and also secure the platform. In general applying security patches will....[Read More]

Posted by Pete On 25/05/16 At 12:51 PM

Categories: Security Blogs

Compartmentalised Oracle Security

Wed, 2016-06-15 17:35

I have been teaching security classes about Oracle Security for many years and they are very popular and I teach many classes per year around the world; mostly in the UK and EEC but I also venture to the Middle....[Read More]

Posted by Pete On 24/05/16 At 12:43 PM

Categories: Security Blogs

New Oracle Security Paper on Non-Production and Delphix

Wed, 2016-06-15 17:35

I was asked by Delphix earlier this year to review their product with a particular focus on Oracle security of course. I wrote two papers; the first about Data Masking and Delphix and the second about securing data in non-production....[Read More]

Posted by Pete On 23/05/16 At 11:23 AM

Categories: Security Blogs