Category: Cyber Security
Introduction A few weeks ago I published a blog about secret rotation. I used the default Lambda functions for single user and multi users that are maintained by …
Introduction I used LastPass for several years, and it helped me a lot to access my passwords and secrets at any moment, from multiple devices, in a secure way. …
How to be prepared for a black swan scenario?
Introduction It is possible in AWS to check if your environment is compliant with your minimum standards. It is also possible to automatically change the environment to make it …
In this blog post, I will show how you can install the OWASP training tools WebGoat, WebWolf and JuiceShop on your local laptop using Vagrant.
Jenkins is a solid CI/CD platform which has proven itself over the years. Many organizations use it to build, test and deploy their applications. In Jenkins it is possible …
SonarCloud is a hosted SonarQube SaaS solution which helps you with code quality management. It is free to use for open source projects. You cannot install 3rd party plugins …
OWASP ZAP (Zed Attack Proxy) is an open source dynamic application security testing (DAST) tool. It is available here and has a website with documentation here. I recently encountered it when looking …
It is often expected of a DevOps team to also take security into consideration when delivering software. Often however, this does not get the attention it deserves. In this …
Introduction I looked into virtual network peering in Azure and I saw something that looked rather strange to me. Let me explain what it was, how VNet peering …
In this blog, I will show how you can use the SAM (Serverless Application Model) to get a presigned upload URL to AWS S3 that can be used exactly …
In this blog I will show how you can use the SAM (Serverless Application Model) to get a presigned upload URL to AWS S3 that can be used exactly …
In this blog, I will show how you can use the SAM (Serverless Application Model) to get a presigned upload URL to AWS S3 that can be used exactly …
The OWASP Foundation plays an important role in helping to improve security of software worldwide. They have created a popular and well-known awareness document called the ‘OWASP Top 10‘. …
Anchore Engine is a popular open source tool for container image inspection and vulnerability scanning. It is easily integrated in a Kubernetes environment as an admission controller or in …
This year alone, more than 70 'advisories' have been issued by the Nationaal Cyber Security Centrum. Despite these advisories, we regularly read about major IT hacks and …
Applications nowadays are usually deployed inside containers. A container consists of libraries and tools which allow the application to run inside. Since there can be exploitable vulnerabilities, it is …
Yesterday I published a blog about AWS policies. We used the IAM wizard to create a policy. When you try to use this policy with the users we created, …
Oracle provides several services as ‘always free’. In contrast to Azure and Amazon, these include compute instances which remain ‘forever’ free to use. Although there are some limitations on …
OAuth2 is a popular authentication framework. As a service provider it is thus common to provide support for OAuth2. How can you do this on a plain WebLogic Server …
There are numerous occasions that I was limited in my work because of connectivity which could not be trusted. For example, I could not download large installers due to …
OpenSSL “OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely …
Keystores and the keys within can be used for security on the transport layer and application layer in Oracle SOA Suite and WebLogic Server. Keystores hold private keys (identity) …
In a previous blog I have explained what cipher suites are, the role they play in establishing SSL connections and have provided some suggestions on how you can …
In this sequel of part one I will show how you can upload your own (Oracle) Linux 7 image in the IAAS Cloud of Oracle. This post will use …
How it works in a simple view Several implementations are done with 2 way ssl certificates, but still wondering how it works? Let’s try to explain. Two-way ssl means …
I always like to know what is installed in the servers that I need to use for databases or Weblogic installs. Whether it is in the Oracle Cloud or …
For SSL/TLS connections, cipher suites determine for a major part how secure the connection will be. A cipher suite is a named combination of authentication, encryption, message authentication code …
At a recent customer install, I was faced with configuring Oracle Traffic Director (OTD) 12.2.1.2.0 Webgate with Oracle Access Manager. Deploying Webgate on OD 12c is very well described …
More and more enterprises are using Single-Sign-On (SSO) for their on-premise applications today, but what if they want to use SSO for their cloud applications as well? This blog …
Harry Dragstra
January 24, 2017
AMIS, Cyber Security, Database, Databases, DBA Oracle, DevOps, Engineered Systems, ExaData, ODA, Oracle, Oracle 12, PL/SQL, SQL
Creating or modifying an Oracle Database user password can be done by using any standard password generator you can find on the WEB. But I wanted a password to …
Topic of this blog is a nice new feature in 12c, not the plsql package I built that’s using it. So here’s the story.. For one of our customers …
Do you want to know how your company can survive Cyber Security threats? And what can be an approach to stay compliant? Have you ever thought about security related …
In this article I’ll describe how I created a simple home-brew burglar detection system to send me a mail when someone enters my house (so I can call the …
Last month I helped a customer integrate a legacy application with Oracle Enterprise Single Sign-On (ESSO) version 11.1.2.3. I configured the legacy application within ESSO so the login …
As an Oracle user, you see the possibilities of the Oracle Cloud: the great flexibility, the ability to scale capacity up and down, instant services and the monthly billing model. The short lead time alone for (temporary) …
Clearly, identity and access management is crucial. For on premises enterprise applications, with mobile apps and no less with cloud based applications. Identity and Access Management revolves around a …
With the rise of cloud applications, a new way of looking at security is required. Security is no longer concentrated only within the perimeter of your company. The scope …
Looking at breaches in information systems and Cyber Crime the focus of the perpetrators is always aimed at our data. The goal is to copy, modify or even destroy the core …
Suppose your organization wants to enforce a security policy on database password strength. The DBAs have implemented a password strength verification function in PL/SQL such as the Oracle-supplied …