PFCLScan – Enterprise Database Security Scanner

by Limited

PFCLScan is a powerful and comprehensive security assessment scanner for the Oracle database. PFCLScan is a sophisticated product that allows simple pre-defined policies and reports to be run by someone who is not skilled in Oracle database technology BUT it also allows custom policies to be built and used very easily. PFCLScan is architected by Pete Finnigan a well-known expert in real world securing Oracle databases for customers.


Fig 1: PFCLScan example of a password cracker report

PFCLScan Features and Benefits

  • Detects weak and insecure passwords for Oracle 10g, 11g and 12c
  • Locates passwords stored in the Oracle database
  • Tests for secure configuration settings for compliance
  • Tests PL/SQL code for insecurities
  • Works with Oracle 12cR1 container databases
  • Works with Oracle 9i to 12cR1
  • Check versions and patches
  • Uses Oracle OCI instant client, so no full client installations needed
  • Review user privileges and profiles
  • Detailed assessment of users and schemas for least privilege
  • Detailed review of audit trail configurations
  • Tests for root kits, backdoors and forensic evidence of possible attacks
  • Detailed Summary reports or detailed reports
  • Ability to generate fix scripts
  • Powerful interface to allow custom policies to be created
  • All of our shipped policies are open and readable and extendable
  • Powerful and easy to use reporting  language
  • Easily expandable and customisable to create your own policies
  • Plugins, automation and more
  • Command line or GUI

PFCLScan is simple to use and install. Install and scan your first database and produce a security vulnerability report literally in minutes but PFCLScan is powerful enough to customise to suit your own needs and internal security requirements.

Simple and cost-effective licensing based on software installation not the number of databases scanned.

More Information, Request A Demo?

If you would like to receive further details of this exciting product or request a demo then please email

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit ( This product includes cryptographic software written by Eric Young (