PeteFinnigan.com Limited have developed a static source code analyser for PL/SQL. Its primary function is to scan and review your PL/SQL source code. It works by connecting to the database and analyses your PL/SQL packages, procedures, functions and types by extracting them from the database first. The reason we start in the database is because PL/SQL is a database langauge and does not run in isolation from the database. Also we need to assess how and where your PL/SQL code is deployed and obviously the security implications of the code, the deployment and all of the dependencies. The analyser of course does focus on dangerous syntax used and can detect issues such as SQL Injection but it can also tell you about incorrect use of dangerous resources or incorrect management of resources. PFCLCode of course can also address permissions and design decisions made when the code is deployed to the database.
PFCLCode also includes a detailed dashboard to give you an overview of the code that you are analysing and number of issues located. It also allows you to compare the current situation in your PL/SQL code to any previous analysis that you have done.
PFCLCode is a Windows based software and it can be used by a developer or a tester or a security analyst to review source code already deployed to a database. It needs to connect to a development or test database or even production to analyse the PL/SQL source code.
If you are interested how to scan and review your PL/SQL source code, you are kindly invited to join Pete Finnigan, one of the most well known experts in Oracle database security, at his live demo.
Webinar "PFCLCode - Tool to Review PL/SQL for Security Issues" will take place on Wednesday, 27th October 2021, at 10:00 a.m., CET.
Webinar is free of charge.
Looking forward to meeting you online.
Kristina Ober, CMO, Smart Com
Online srečanje IT kluba na temo »Kako se hitrejše in učinkoviteje odzvati na skrite in neznane varnostne incidente?«, ki smo organizirali skupaj s podjetjem Palsit d. o. o., je presegel naša pričakovanja. Z webinarjem, ki ga je izvedel Matjaž Katarinčič, vodja tehnološkega področja kibernetska varnost na Smart Comu, smo nagovorili več kot 130 zainteresiranih IT strokovnjakov in tako dodatno razširili krog sogovornikov. Poleg zanimive vsebine je za takšen rezultat zaslužna tudi Palsitova ekipa, ki je odlično promovirala online srečanje in ga tehnično tudi izvedla.
Nebojša Stankić, Zebra Systems s.r.o.
I would like to thank all the interesting and well known participants for joining and ofcourse the organizers, Palsit d.o.o. Usually, when people attend online workshops they leave faster than they come. The common theme is boring and at worst confusing. I don't want to brag (too much). But this workshop was critical and fruitful. What made it sooo good? What brought it to that level of yum? Here's what made it a great experience: The atmosphere was ….Ol' fashioned. That's right… Tech guys (and gals) sitting in a round table discussion, talking the old fashioned way. · Real conversation · Mutual respect · Positive energy We had jokes, analogies, and stories that connected all of us. I'm really looking forward to the next event. Thank you all for making it an online event to remember.