Call: +44 (0)1904 557620 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Oracle Security Expert Seminar"] [Next entry: "Data Exposure, leakage and Reporting"]

Oracle Security Talks, Training and Conferences



Kamil Stawiarski who runs Database Whisperers sp. z o. o. sp. k., an Oracle specialist consulting company in Poland and whose company is also a reseller for our Oracle database security scanner PFCLScan in Poland has invited me to speak at the up-coming http://poug.org/en/ - (broken link) 1st International Conference in Poland but due to other commitments I cannot make it this year. Kamil and the guys already have some good speakers and I wish I could be there. Please have a look at the link above and come along to what promises to be a very good event in Poland!!

I also got a speaking slot at Oracle Open World but unfortunately due to a critical work commitment have had to decline the slot. This is a great pity as I have never attended Oracle Open World and I would really have liked to spoken there this year. I have however agreed to still write a paper with Oracle on the subject of the proposed talk "In the mind of a database hacker" so watch out for news of that over the coming period as its created and published.

I am also going to be teaching 5 in-depth days of my Oracle security classes with Oracle in Reading, UK from September 26th to 30th. I am looking forward to this as its a rare opportunity to attend all 5 days of my Oracle security classes in one session. If you would like to attend then please register your place with Oracle.

Over the last week or so I have also received notice from the UKOUG that I have two slots at the Tech 16 Conference in Birmingham, UK this year from December 5th to 7th at the ICC. I am hosting an Oracle Security round table and also will present on what to do if you do not have (or cannot have if you are on SE, SE1, SE2) Database Vault and would still like to have some or all of the features. Hope to see you at the UKOUG in December!!

I am also teaching two one day classes on the 29th and 30th November 2016 in Vienna, Austria with Oracle University. These are "Secure Coding in PL/SQL" and "Lock down and secure your Oracle Database".

OK, that's all for now, please come and hear me speak.

There has been 2 Comments posted on this article


August 13th, 2016 at 06:48 am

Pete Finnigan says:

Pete, what you think about datasunrise database firewall for Oracle?
datasunrise.com/datasunrise-for-oracle

Thanks!



August 16th, 2016 at 09:53 am

Pete Finnigan says:

Hi Art,

Thanks for your comment and question. I was aware of DataSunrise Inc but I have not tested their product yet. Unfortunately I am too busy at present with paid work..:-(

The website claims to support behavioural analysis in the form of white list processing - i.e. good sql and bad sql but it does not go as far as to detail this fully. This was the Secerno products USP and this is now the Oracle firewall. The website states that it supports Windows and Linux, I assume that means for its install and not database platforms. It is network based so there are always limits with network based products.

I am happy to discuss further via email and will drop you an email

Cheers

Pete