Blog Posts Tagged with "Database Activity Monitoring"
Implementing Least Privilege
March 15, 2012 Added by:Ben Rothke
Least privilege is the notion that in a particular abstraction layer of a computing environment every module - such as a process, a user or a program depending on the subject - must be able to access only the information that is necessary for its legitimate purpose...
Comments (1)
Database Security TLAs Make Me LOL
February 15, 2012 Added by:Josh Shaul
I can only imagine what folks go through when they’re shopping for solutions to improve databases security. Do you want DAM? DAP? DAMP? DSP? DLP? WAF? To improve the security of your databases, you’re probably going to need some or all of the following capabilities...
Comments (0)
The Dangers of Non-Contextual Pattern Matching
February 15, 2012 Added by:Rafal Los
Even a system inconsistency such as an abnormal page transition velocity on your flagship web application can be overlooked - until you put all those together and realize you're being SQL Injected and someone is stealing your multi-terabyte database out from under you...
Comments (0)
It's Time to Evolve How We Protect Our Data
January 24, 2012 Added by:Josh Shaul
Advanced systems for protecting databases have been available for several years now, and have become mature and reliable technology. Databases can be locked down with secure configurations, strong access controls, and effective patch management strategies...
Comments (0)
Gamers: Hackers Latest Hot Target
December 18, 2011 Added by:Josh Shaul
If you are a gamer and you use any online gaming network or service, please be vigilant and cautious. Don't click on any offer that comes in via email, and don't signing up for anything gaming related unless you are doing so direct from the software manufacturer or gaming network...
Comments (0)
Analysis of the October 2011 Oracle CPU Database Patches
October 19, 2011 Added by:Alexander Rothacker
Oracle released its October Critical Patch Update with 57 vulnerabilities across multiple products. This low number of patches continues a trend where Oracle appears to be losing focus on database security, probably due to the many new products offerings and acquisitions...
Comments (0)
Phase II: Implementing File Integrity Management (FIM)
March 23, 2011 Added by:Ron Lepofsky
File scans are stored as a hashed value, a one way encryption technique that is used for verifying other data too important to be stored in the clear. The hash value of a rescanned file is compared with the hash value of the initial scan and if a difference appears, then a change was made...
Comments (0)
Implementing File Integrity Management (FIM)
March 17, 2011 Added by:Ron Lepofsky
If your organization is addressing data loss prevention (DLP) by minimizing the risk of damage by malicious code and by enforcing strict access controls to mitigate unauthorized access, then FIM is something you might also want to consider. FIM is monitoring all aspects of changes to key files...
Comments (0)
Database Security Discussion Lacking at RSA Conference
March 01, 2011 Added by:Alexander Rothacker
Why don’t organizations protect the database? It seems incredibly obvious, but it’s clearly not happening as often as it should be. Hopefully next year’s RSA Conference provides more education on database security – after all, that’s where sensitive information spends 99% of its lifecycle...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)