Auditing an Oracle database for security issues is very important. provides all of the information and tools that you will need Click here for details of Limited's detailed Oracle database security audit service Click here for details of Limited's Oracle Security Training Courses
There are 50 visitors online    
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Pete Finnigan's Oracle security weblog

Home » Archives » May 2013 » Oracle Security Class and software for Oracle security

[Previous entry: "Secure Coding PL/SQL"] [Next entry: "Oracle Security WebSite Woes!"]

Oracle Security Class and software for Oracle security

May 30th, 2013 by Pete

I have just agreed a public class dates of my very popular "How to perform a security audit of an Oracle database" with Oracle University to be held on September 24th and 25th in Rome, Italy. The registration link with Oracle is : grin80323_1025738,p_preview:N
- Sorry the link on Oracles site breaks when embedded as a link so please cut and paste into your browser.

I have just done two successful public classes in Istanbul and Prague and have quite a number of private classes booked in over the next few months. If you would like a private class then please contact me. Also if you would like to organise a public class; many have so far, then also please contact me.

We have had great success in the last few months with our new competitive license model for our Oracle database security scanner PFCLScan. The license model as you will read is based on software installation and not the number of databases that you scan. This works well for companies using the scanner internally or if you are a consultant. The primary goal for me was to have a product that is reasonable to license and also that is useful to either use out of the box but more importantly for customers to create their own custom policies in PFCLScan that can be used to test against their own internal Oracle security standards. To this end we designed and developed the product to make it easy to create projects to scan with and also to develop your own policies to acheive easily a policy that matches your own standards. You can use our policies and checks and mix and match them into your own policies and projects. We don't encrypt the checks so you can easily modify or extend them. We also have the concept of libraries so that you can create simiilar checks once as a library and then use it and parameterise its inputs. This makes cutting and pasting unnecessary in terms of writing policies. We also support checks in many different languages and targets as well as questionaire type checks.

As I said the focus for us was to provide a rich interface that is open and very flexible to allow easy creation of your own policies to your own standards. You can of course just run ours!

We have adopted the same license model for our other product PFCLObfuscate. This is again licensed per software installation and not targets or files protected. This product can be used to protect your PL/SQL. If you write/sell/deploy applications written in PL/SQL then you should look at PFCLObfuscate to help protect the invested IPR in your PL/SQL code.

Contact us for more details or if you would like to purchase a license.

May 2013

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

Weblog Home
Weblog Archives

Oracle Security Tools page
Oracle security papers
Oracle Security alerts

Web Development
SQL Server Security

Atom 0.3 FEED
Powered by gm-rss 2.0.0

Valid XHTML 1.0!