Oracle Credentials
Service Name: Oracle Database
Service Description: Oracle Database is a multi-model database management system produced and marketed by Oracle Corporation. It is designed for enterprise grid computing and data warehousing, supporting various workloads including online transaction processing (OLTP), data warehousing, and mixed database workloads.
Service Address: https://www.oracle.com/database/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the database level using Oracle Net Services configuration and Oracle Database firewall features.
Secret Access Scope: Grants access to Oracle databases, allowing for data retrieval, manipulation, and administration depending on the user's assigned privileges.
Secret Revokement URL: https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/keeping-your-oracle-database-secure.html#GUID-451679EB-8676-47E6-82A6-DF025FD65156
Secret Example: oracle://username:p4ssw0rd@hostname:1521/service_name
Suspicious Activity Investigation Instructions:
- Review database audit logs for unusual query patterns or access times
- Check for unauthorized schema modifications or privilege escalations
- Monitor for large data exports or unusual query volume
- Examine connection logs for access from unexpected IP addresses
- Review user activity reports for actions outside normal business hours
Mitigation Instructions:
- Immediately change the compromised user's password using ALTER USER
command
- Revoke any excessive privileges that may have been granted using REVOKE
statements
- Consider locking the account temporarily using ALTER USER [username]
ACCOUNT LOCK
- Implement connection restrictions based on IP address using Oracle Net
Services
- Enable advanced auditing for the affected user accounts
- Review and update password policies to enforce stronger security
- Consider implementing Oracle Database Vault for additional security controls