Services
PFCLATK PeteFinnigan
We supply our PL/SQL based toolkit to customers who hire us to design and implement an audit trail for them. The high level steps in a piece of work like this are:
- We sit down (in person or virtually over Teams/Webex/Zoom etc) and agree a plan and budget of what the client would like to achieve. We also agree at a high level what events/issues the client would like to capture in their database, such as detecting sharing of accounts, possible attacks, changes to security and more. These are audit events
- PeteFinnigan.com Limited will then produce an initial design of the audit trail and the main part of the design is a table of events. We also suggest and add our suggestions
- Next the design is presented for review and a meeting takes place to agree the audit events that should be captured.
- After agreeing the events we expand the table of events in the design to identify what raw audit should be captured and also how each event should be recognised and eventually reported as an alert. An example for detecting users sharing accounts is to audit connections and then for the event to be true detect any use of the same account from different locations
- We then review the final design with the customer before implementing the events for the customer as policies in our PFCLATK toolkit. This is easy and uses a declorative framework
- The customer can then add his own factors that define different type of information such as support users, DBA accounts, relevant IP addresses and more
- The PFCLATK toolkit is then deployed by the customer and tested to see that the designed audit events are capturing what is needed
- The design is signed off and the customer can deploy PFCLATK to all of their databases
If you would like to receive further details of this service and product then please email pete@petefinnigan.com
