Oracle Database Security For Developers

The last blog post of Jeff Smith (18.1 Features: SQL Injection Detection) about little, but nice feature of SQL Developer detecting if your PL/SQL code might be vulnerable for SQL Injection, reminded me about the presentation I’ve delivered during Oracle Tutorials at CERN in 2013.

Continue reading “Oracle Database Security For Developers”


Unified Auditing performance

Originally posted on “Databases at CERN” blog

In my previous blog post (Migrating to Oracle Database 12c – what to do with auditing?) I provided you with number of reasons why unified auditing looks very promising and should be seriously considered while migrating to 12c. Nonetheless, I was not talking at all about performance – which also seems to be greatly improved.

Continue reading “Unified Auditing performance”

Migrating to Oracle Database 12c – what to do with auditing?

Originally posted on “Databases at CERN” blog

If you consider migrating to Oracle Database 12c, no matter if you think of development, testing or production environments, one of many decisions you need to take is to define what to do with the auditing. The biggest new feature in this area is so-called Unified Auditing, which captures auditing information from different sources, like for example “normal” and FGA audit records, application contexts, RMAN or DataPump plus few others and stores it in common format and place, which is read-only, partitioned table in AUDSYS schema, by default residing in SYSAUX tablespace and using Oracle SecureFiles feature.

Continue reading “Migrating to Oracle Database 12c – what to do with auditing?”