Oracle has just released a new major Release of its Oracle Audit Vault and Database Firewall. The new release is immediately available on Oracle’s Software Delivery Cloud. But the OTN website have not been updated. Beside the upgrade of the OS and embedded Oracle Database to 12.1.0.2, Oracle added a bunch of Enterprise-Grade Features. Starting […]
↧
Audit Vault and Database Firewall 12.2
↧
Ad: Der Oracle DBA – Handbuch für die Administration der Oracle Database 12c
The 2nd revised edition of the Der Oracle DBA will finally be released in a couple of days. Pre-Orders are already possible. It took quite a while until the publication of this release. Work on the second edition began as early as a year ago. This edition is again written in German and published by […]
↧
↧
Using Kerberos in Oracle Standard Edition
Since the release of Oracle 12cR1 mid 2013 the network encryption and strong authentication services has been removed from the Oracle Advanced Security Option. Both feature are now available for any licensed editions. Corresponding section in the Oracle Licensing Guide for 11g R2 and 12c R1 has been updated. Network encryption (native network encryption and […]
↧
Trivadis Schwaben Gipfel – Top 10 Database Threads and Risk Management
Just finished my second presentation at the Trivadis Schwaben-Gipfel in Stuttgart. It is about Database Threads and Risk assessment and a few considerations on Database classification. The slides are available for download .
↧
Oracle CPU / PSU Pre-Release Announcement July 2016
Oracle has published the Pre-Release Announcement for the July 2016 Critical Patch Update. It’s quite a huge update with not less than 276 security vulnerability fixes across the Oracle products. For the Oracle Database itself are 9 security fixes available. Dies ist wiederum eines der größeren Critical Patch Update for databases. It does contain bug […]
↧
↧
Losing the Oracle Wallet for Enterprise User Security
Having a reliable backup solution for your Transparent Data Encryption (TDE) or Enterprise User Security (EUS) Wallets, is beyond discussion. Nevertheless it can happen that you lose or corrupt the Oracle Wallet. With Transparent Data Encryption (TDE), this is really bad luck, because you can not access your encrypted data. Losing an EUS wallet is […]
↧
Oracle 12 Release 2 Documentation available
Oracle just released the documentation for Oracle 12c Release 2. It seems that most of the new security features are available as discussed in my presentation at DOAG SIG Security in Düsseldorf on the 18th of october. See docs.oracle.com for the documentation bookshelf. Yet a short summary of new security features Encryption TDE Tablespace Live […]
↧
Oracle CPU / PSU Announcement January 2017
Oracle has published the first Critical Patch Update in 2017. It’s quite a huge update with not less than 270 new security vulnerability fixes across the Oracle products. For the Oracle Database itself are 5 security fixes available respectively 2 security fixes for the Oracle Database Server and 3 security fixes for Oracle Secure Backup […]
↧
Oracle 12.2.0.1 On-Premises soon available
It seems that Oracle brings us the new release with the first “spring rays”. Tonight Oracle has Updates the MOS Note 742060.1 Release Schedule of Current Database Releases. It now includes as well sections for Oracle public cloud releases, on-premises engineered systems as well on-premises server releases. In particular the section on-premises server release has […]
↧
↧
Oracle CPU / PSU Announcement April 2017
Last night Oracle released there new Critical Patch Update. From the DB perspective it is a rather small patch update. It just includes 2 fixes for security vulnerabilities on Oracle database 11.2.0.4 and 12.1.0.2. None of the vulnerabilities are remote exploitable without authentication but one fix is also for client only installations. The highest CVSS […]
↧
DOAG Webinar Oracle 12.2 New Security Features
A couple of days ago I’ve successfully finished the DOAG Webinar on Oracle 12c Release 2 new Security Feature. It was a great opportunity to discuss the security enhancements in the latest Oracle database release. This release introduces some new security features that simplify the secure operation of on-premises or cloud-based databases. Especially the online […]
↧
GDPR and Database Security Speeches
The new EU GDPR and Database Security in general keeps me busy. I’ve updated the list of speeches and events for the next couple of month. It’s an interesting mix between GDPR, Oracle Database Security and MS SQL Server 2016 security. Depending on the feedback of the Call For Papers for the DOAG Conference and […]
↧
Articles in DOAG Red Stack Magazin
A while ago I wrote two articles for the DOAG Red Stack Magazin. In the meantime both articles have been published. For this reason I use the opportunity to make the PDF versions of the articles available on oradba.ch. The articles are written in German and available as Trivadis version as well Red Stack version. […]
↧
↧
Oracle CPU / PSU Announcement October 2017
The Oracle open world 2017 is over, the dust just settled down. A perfect time for Oracle to release the October critical patch advisory. With not less than 270 new security vulnerability fixes across the Oracle products it seems to be a rather huge update. From the DB perspective it is nothing unusual. It contains […]
↧
DOAG 2017 Oracle 12c Release 2 Datenbank-Sicherheit in a Nutshell
Below you will find a list of the different demo scripts used during the DOAG training day 2017 Oracle 12c Release 2 Datenbank-Sicherheit in a Nutshell. In general the script do need a SCOTT or a HR demo schema. Some of the scripts may have more requirements eg. Kerberos configuration, Oracle Enterprise User Security etc. […]
↧
Oracle CPU / PSU April 2018
Oracle recently released the spring Critical Patch Advisory. It is the first critical patch update, which also includes fixes for Oracle 18c. Over all it includes 254 new security fixes across the product families. Overall a rather large update, although only a security vulnerability is patched for the Oracle databases. This vulnerability is not remotely […]
↧
Oracle 18c new Security Features
Today I had the opportunity to give a presentation on Oracle 18c new Security Features at the SOUG day in Baden. It was a great opportunity to discuss the security enhancements in the latest Oracle database release. This release introduces some new security features that simplify the secure operation of on-premises or cloud-based databases. Especially […]
↧
↧
Oracle CPU / PSU Pre-Release Announcement July 2018
Today Oracle has published the Pre-Release Announcement for the July 2018 Critical Patch Update. It’s quite a heavy update with not less than 334 security vulnerability fixes across the Oracle products. The Oracle database is relatively prominently represented with 3 security vulnerabilities and a maximal CVSS rating of 9.8. Of the vulnerabilities is remotely exploitable […]
↧
Oracle Security at Trivadis TechEvent Fall 2018
A few days ago the semi-annual Trivadis TechEvent took place. As always, it was a great IT event where Trivadis employees and customers had the opportunity to exchange and discuss a variety of topics. I had the pleasure to give one lecture about Oracle 18c New Security Features as well one on Oracle Enterprise User […]
↧
Oracle CPU / PSU Advisory October 2018
Oracle has recently published the Critical Patch Update Advisory for the October 2018. It’s once more quite a heavy update with not less than 301 security vulnerability fixes across the Oracle products. The Oracle database is relatively prominently represented with 3 security vulnerabilities and a maximal CVSS rating of 9.8. The problem CVE-2018-3259 with such […]
↧