Security

Automating Linux patching with Ansible – How to keep all your environments consistent ?

Your may want to patch your Linux servers on a regular basis (e.g using “yum/dnf update”). As always, it’s obviously recommended to : 1) Patch the TEST systems 2) Check if there is no side effects 3) Wait(…)

How to find the TLS used for the SQL Server connection

For a customer, I do some research to find which TLS is used on the SQL Server environment. The only way is to create an Extended Event. A big limitation is that the event used is only available on SQL(…)

SQL Server connectivity issue – troubleshoot TLS configuration

In the blog post, I will share a case of troubleshooting a connectivity issue with SQL Server. The problem occurred in a migration context. The SQL Server databases (in version 2008 to 2014) from multiple applications were consolidated on a(…)

Automating Linux patching with Ansible

Since the beginning of the year, several vulnerabilities have been discovered in the Linux Kernel as well as in others important and widely-used packages. Among them, there was the famous CVE-2021-3156 affecting the sudo package and allowing(…)

Swiss Cyber Security Days (SCSD)

The Swiss Cyber Security Days (SCSD) took place on March 10 and 11, 2021 The largest event in Switzerland entirely dedicated to cyber security took place on March 10 and 11, in a 100% digital form.

Oracle 21c Security : Mandatory Profile

By Mouhamadou Diaw With Oracle 21c, it is now possible to enforce a password policy (length, number of digits…) for all pluggable databases or for specific pluggable databases via profiles. This is done by creating a mandatory profile in the(…)

Oracle 21c Security : Gradual Database Password Rollover

By Mouhamadou Diaw Starting with Oracle 21c, a password of an application can be changed without having to schedule a downtime. This can be done by using the new profile parameter PASSWORD_ROLLOVER_TIME This will set a rollover period of(…)

Oracle 21c Security : ORA_STIG_PROFILE and ORA_CIS_PROFILE

By Mouhamadou Diaw In my previous blog I was testing the creation of a new Oracle 21c database. In this blog I am talking about two changes about the security. In each new(…)

Increase your PostgreSQL databases security by checking a few settings Part 2

Continuing from my first blog we will check some more access and authentication configurations. Focusing on removing unnecessary database privileges. After that we will configure the backend parameters correctly to have more robust PostgreSQL server/client sessions. And at last SSL(…)

Increase your PostgreSQL databases security by checking a few settings

This blog provides you with a short overview of easy to control settings that enhance your PostgreSQL security. Mostly by creating a separate group to assign privileged database members. And checking different logging and log rotations settings for better and(…)