My Series


Security Topics

Pete Finnigan wrote recently that “Securing data in an Oracle database falls into a number of grouped activities”. I have tried to cover something in each category over the years, and have organized them by group here:

Two Factor Database Authentication

A series of posts detailing how to authenticate to an Oracle database using a smart card hardware token such as the DOD Common Access Card (CAC).

Two Factor APEX Authentication

A series of posts detailing how to authenticate to Oracle Application Express using a smart card hardware token such as the DOD Common Access Card (CAC).

The DISA Database STIG

A series of posts on my interpretations of various controls in the Defense Information Systems Agency’s Oracle Database Secure Technical Implementation Guide, based on my experience as a contributing author to the first Database STIG and over twenty years of experience hardening and protecting Oracle databases.

Oracle Security on a Budget

A series of posts on how to harden and monitor your Oracle database on a shoestring budget.