Oracle Database Security Audit Training Course [ 2 Days ]

This course teaches the delegates how to confidently perform a security audit on an Oracle database. The course gets the delegates up to speed on the reasons Oracle databases are invariably insecure. Everyone is brought up to the same level in terms of where to look, what to look for and why. The course shows how a security audit is planned, how to prepare yourself for it, your staff and your environments.

“Instructors knowledge and experience beyond question! Excellent course.”

-- S.K, Large Power Supplier, UK

The course is aimed at the fundamentals of how to review a database and why and does not focus on simply running tools. It is important to understand why something is an issue, to understand how to check that its an issue and importantly understand the implications in respect to your own databases and applications before using pre-built or commercial tools.

The course includes a complete simulated audit by running through step-by-step all of the steps and components of an Oracle database audit via the medium of slides but importantly using a sample Oracle database and fully functioning content management application as a basis for the audit. Each area of the Oracle security audit is demonstrated and explained in detail.

“The course was to the point, dealt with security auditing specifically. Extremely knowledgeable and pragmatic.”
“It was a great oppertunity to learn directly from Pete”

-- C.N, Large Motor Manuf, USA

The course has been designed by Pete Finnigan and is up to date using all supported versions of Oracle from 9iR2 through Oracle 11g. The course is run on your own site and is over two days and includes the following topics:

Background to key database files, structures, configurations and files relative to security
Oracle security tools, checklists and more
Why audit an Oracle database
Exploiting Oracle, SQL Injection, configuration, escalation of privilege and more
Planning an audit
Setting up for an audit, gathering tools, prepping laptop, people, access
Starting the audit
Software installed, versions and attack surface
Enumerating users, password strength and more
Assessing users, privileges and RBAC
Auditing the Oracle database association with the file system
Audit Oracle networking
Audit the database configuration
Specialist considerations, Credit cards, personally identifiable data and more
Review the audit trail
Data analysis, vulnerability assessment
Document findings, develop a policy and deciding what to fix
A look at some of the automated tools

A detailed agenda for how to perform an Oracle security audit is available here [Detailed Oracle Security course agenda].

“Thany you very much!”
“Excellent presentation, vast knowledge on the subject”

-- P.P, Consulting Company, Finland

The course is delivered by Pete Finnigan, a principal consultant with years of real world experience in auditing and securing customers Oracle databases. Pete is also well known for writing and presenting extensively in the area of Oracle security. The course includes the slides and delegate notes and is delivered on customers sites.

Course Price Structure

This course is offered at a fixed price for up to 8 students, any additional students can be added for a modest additional cost.

Public Course Dates For This Class

This class is also offered as a public training course via various third parties around the world. The following dates and locations are already agreed and are available for registration. You can either contact the individual partner directly or registration details can be obtained or forwarded through PeteFinnigan.com Limited by emailing info@petefinnigan.com.

The following public dates are currently available [More coming soon]:

January 27th and 28th 2010 - Istanbul, Turkey - With Oracle University - [For registration details click here ]
February 3rd 2010 - Zurich, Switzerland - Vendor to be announced - [Registration details will be added soon]
February 9th and 10th 2010 - York, England - With PeteFinnigan.com Limited - [For registration details click here ]
February 24th and 25th 2010 - Warsaw, Poland - With Oracle University - [For registration details click here ]
March 16th and 17th 2010 - Bratislava, Solvakia - With Oracle University - [For registration details click here ]
March 25th to 26th 2010 - Washington DC, USA - With 1 Security Solutions Applied L.L.C. - [For registration details click here ]
May 26th and 27th 2010 - Utrecht, Holland - With Miracle Benelux - [For registration details click here]
May 2010 - Sarajevo, Bosnia and Herzegovina - With Oracle University - [Registration details will be added soon]
June 16th and 17th 2010 - Paris, France - With ISEP - [Registration details will be added soon]
June 24th and 25th 2010 - Denver, Colorado, USA - With 1 Security Solutions Applied L.L.C. - [For registration details click here ]

Booking, More Details?, Want To Partner?

Please email info@petefinnigan.com to book this training course on site or to book a place on a public training event. Also contact us to discuss your individual requirements or to discuss partnering with PeteFinnigan.com Limited. We will be pleased to hear from you.


There are 38 visitors online
Services \| Portal \| White Papers \| Scripts \| Tools \| Newsletter \| Information \| Alerts \| Search \| Weblog / Forum \| What's New About Us Consulting Services Training Courses Oracle Security Research Database Policy Partners Products Careers Pete Finnigan Contact Details Events Oracle Security Database Security Database Software Security Web Development Programming Off Topic Oracle Security Oracle Security (Page 2) Others Ramblings Oracle Security Tips SQL and PL/SQL Unix Tools Audit Tools Default Password Checker Default Password List Oracle Security Scanner Subscribe Un-Subscribe Recent Newsletters Web Links Books Oracle Newsgroups Oracle Blogs Oracle news Feedback / Enquiries Guestbook Site Map Site Statistics WebLog Forum Security Issues Database What's New Register for Updates PeteFinnigan.com in the news