Pete Finnigan wrote recently that “Securing data in an Oracle database falls into a number of grouped activities”. I have tried to cover something in each category over the years, and have organized them by group here:
- Hardening and Patching (OS, DB Software, TDE, Backups, etc.)
- Limit Access to the Database (networking, passwords, logon triggers, etc.)
- User Access Controls (least privilege)
- Data Access Controls / Context Based Controls (VPD, OLS, DV, Custom Roles, etc.)
- Audit Trail Management (UAT, FGA, AVDF, Splunk, etc.)

A series of posts detailing how to authenticate to an Oracle database using a smart card hardware token such as the DOD Common Access Card (CAC).

A series of posts detailing how to authenticate to Oracle Application Express using a smart card hardware token such as the DOD Common Access Card (CAC).

A series of posts on my interpretations of various controls in the Defense Information Systems Agency’s Oracle Database Secure Technical Implementation Guide, based on my experience as a contributing author to the first Database STIG and over twenty years of experience hardening and protecting Oracle databases.

A series of posts on how to harden and monitor your Oracle database on a shoestring budget.