banner
LightNews
petefinnigan.bsky.social
Pete Finnigan
@petefinnigan.bsky.social
420 followers 320 following 45 posts
Living, breathing Oracle Security; Oracle ACE on security; OAK table member. Database security audits, consulting and training on all aspects of Oracle security - http://www.petefinnigan.com/training/oracle_security_training_in_york_2025.htm
www.petefinnigan.com
Posts Media Videos Starter Packs
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · 4h
I have just posted a new blog discussing AI and AI for Oracle Security - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #ukoug #ai #UKOUGDiscover25 #OracleCommunity #JoelKallmanDay #oracle #database #AI
1 3
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · 21d
Brand new blog post discussing how we may block DISABLE TRIGGER to help with designing security solutions within the database - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #database #security #grants #ddl #trigger #protect #hacking #databreach #UKOUGDiscover2025
2
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · 23d
I have been accepted to speak twice at the UKOUG conference in December - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #UKOUGDiscover25 #UKOUG #conference #community #oracle #database #security #fuzzing #design #plsql
4
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Sep 10
My Oracle Security blog is 21 next week. I have created a summary post detailing some of the blog journey - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #database #security #tools #software #training #products #blogging #birthday
4
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Sep 9
Is it possible in Oracle to stop your own procedure/package from being executed by someone with EXECUTE ANY PROCEDURE? - petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #security #audit #trail #audittrail #databreach #hacking #grants #protect #readonly #table
5
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Sep 3
Testing our secured schema and table to allow READONLY and delete and insert only via an API - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #security #audit #trail #audittrail #databreach #hacking #grants #protect #readonly #table
3
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Aug 26
Lets implement an account you cannot log into and a table that you can read but not delete/insert except by an API and no updates! - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #security #audit #trail #audittrail #grants #protect #readonly #table
2
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Aug 19
New blog discussing how we may replicate the security of the AUDSYS.AUD$UNIFIED table without access to Oracle secret sauce - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #security #audit #unified #protect #audittrail #databreach #readonly #grants #protection
2
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Aug 14
What is a schema in Oracle and what does the CREATE SCHEMA command do? - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #database #security #create #schema
1 4
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Aug 12
Exploring how Oracle may or may not secure AUDSYS and AUD$UNIFIED - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #security #audit #unified #protect #audittrail #databreach
4
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Aug 11
Twisted foot sideways and heard loud snap so knew it was broken. Rang 111, A&E and Urgent Care, x-ray &had the boot fitted quickly. 4-6 weeks for it to heal BUT all Oracle Security work, training and products are available #oracleace #sym_42 #oracle #security #training #software
2
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Aug 7
A new PL/SQL unwrapper for 9i and lower - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #plsql #unwrap #reverse #engineering #security
1 7
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Aug 5
New blog about attacking and protecting the Oracle database from file system issues - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #database #security #dos #hacking #file #directory #java
1 5
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Aug 5
Thanks for this great insight Christoph
1
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Jul 31
Oracle protects the user AUDSYS and makes the table AUD$UNIFIED read only; not 100% true because Oracle writes to it and allows delete via DBMS_AUDIT_MGMT. How does this work - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #security #audit #trail #unifiedaudit #readonly
1 4
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Jul 28
Would you be surprised to know that if you issue one DDL command in Oracle that it actually does two DDL commands? - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #oracle #database #security #ddl #grants #privileges #hacking
1
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Jul 22
Don't be caught out using Mixed Mode Unified audit and find that your unified audit trail stops working - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #unified #audit #oracle #database #security #audittrail #audit
4
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Jul 10
Blog post about auditing Oracle databases - www.petefinnigan.com/weblog/archi... - creating a security score, alerts score as well as adaptive audit trails and security and finally a black-box flight recorder for Oracle databases - #oracleace #sym_42 #oracle #database #security #audit
4
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Jul 3
I have just created a blog post discussing privilege escalation in Oracle - www.petefinnigan.com/weblog/archi... - #oracleace @oracleace #sym_42 #oracle #security #privilege #escalation #roles #grants #databreach #hacking #training
8
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Jun 26
More details in - www.petefinnigan.com/weblog/archi... - discussing June 29th. 30 years since I got a first class honours degree in Electronics and 49 years since myself and Paul stopped an express train from crashing - #oracleace #oracle #security #traincrash #degree #electronics #june29th
2
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Jun 25
Thanks #oracleace @oracleace for accepting me as an Oracle ACE Pro for another year!!
1 6
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Jun 6
Great news yesterday and extremely honoured to get an email from @oracleace to let me know I am an Oracle ACE Pro for 2025 to 2026. Thanks!
2
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · May 15
PFCLScan can be used to look for vulnerabilities in an Oracle database. I have written a brief history of the development of this tool as someone asked me about it recently - www.petefinnigan.com/weblog/archi... - #oracle #security #pfclscan #vulnerability #scanner #breach #databreach #datasecurity
2
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · May 14
Finally changed PeteFinnigan.com to HTTPS. I know some people have commented over the years about this BUT the site was / is static and we do not collect any data so strictly HTTPS was not necessary but we have implemented it - www.petefinnigan.com/weblog/archi... - #oracle #security #website #https
2
petefinnigan.bsky.social
Pete Finnigan @petefinnigan.bsky.social · Apr 14
Is it possible to extend a PL/SQL application including Apex at runtime by embedding a script engine into it? - www.petefinnigan.com/weblog/archi... - #oracleace #sym_42 #plsql #apex #scripting #compiler #interpreter #oracle #security
2