Embedded Files
Date: Thursday October 30th,, 2025
Time: 8:30am-4:00pm
Location: Edina Library, 5280 Grandview Square, Edina, MN 55436
NOTE: Road Construction around Edina Grandview Library.
Many entrance and exit ramps closed at 50th Street and on Highway 100 and there are detours.
Zoom Link will be provided in registration email (using Zoom for registration only)
TCOUG Check In: (Please register) - NOTE: email Pres@TCOUG.org or Webmaster@TCOUG.org and let us know if you are attending.
Workshop Sponsors
Workshop Sponsors
Detailed Agenda
Detailed Agenda
TCOUG - FALL EVENT OCTOBER 30, 2025
TCOUG - FALL EVENT OCTOBER 30, 2025
08:30AM CT Registration and Breakfast
09:30AM CT Opening note by TCOUG Board
09:40AM CT Message from our Sponsor – VASKE Computer Inc.
09:50AM CT Protecting Databases, not just Oracle, from Agentic AI Attack by Dan Morgan
There is an emergent threat to safe computing on the horizon based on the dual-use technology known as "Agentic AI."
"Agentic AI" refers to autonomous artificial intelligence systems capable of initiating goal-focused actions with minimal direction and at speeds that preclude the use of traditional security measures.
This month's TCOUG presentation by Daniel Morgan is not just for Oracle Database Admins but for SQL and application developers, for IT management and your security officer so that they have access to the information they need to make good decisions on how to protect your organization's intellectual property. If your employer falls victim to an attack it will likely have a direct impact on your career. Be sure you extend an invitation to everyone you know that will benefit from this information which will include protecting SQL Server, PostgreSQL, MySQL, DB2, Amazon RedShift, SAP Sybase and other data retention systems including those that use JDBC and REST APIs.
12:00 PM CT Lunch
1:00 PM CT Password Verification: A Hand's-On Workshop by Dan Morgan
An Oracle Database, on installation, comes with multiple password verification functions: Almost no one knows what they actually do. And, almost never do they actually meet a customer's compliance requirements.
How is that possible you might ask? Oracle is providing a multiple password verification functions how can we not be in compliance? But the answer is actually not difficult to decipher. The reason is that the same functions are provided in the .zip file with every Oracle installation for every customer in every country, in every business sector, both public and private, and subject to every rule, regulation, and standard ever crafted ... and ... laws do not define what is a valid password ... only that a valid password must be "complex". It is the CISO, for every organization, that writes the governance rules that define minimum bytes, maximum bytes, number of upper case, lower case, numeric and special characters: All of the specific aspects that make a password "complex".
Our Fall TCOUG hands-on workshop is going to extract the source code for Oracle's password verify functions, compare those functions with real-world governance rules from a global Fortune 500 company, and modify the function's PL/SQL to achieve compliance. If you don't speak PL/SQL ... as an added bonus ... Morgan will teach PL/SQL basics too. And, all of the source code, will be made available to those attending so bring a flash-drive for your copy.
If you have PL/SQL developers in your organization be sure to invite them as well as someone from your Security Office.
1:40 PM CT Afternoon Tea Break
2:00 PM CT Continuing Password Verification workshop
2:30 PM CT Closing Remarks
Event Location/Parking
Event Location/Parking
Introduction to Presenters
Introduction to Presenters
Sponsor - Vaske Computer, Inc.
TCOUG President
TCOUG President
Mandeep Singh - President TCOUG
Mandeep Singh - President TCOUG
President, TCOUG
President, TCOUG
Report abuse