Tech Center Database Security
Dark Reading's Database Security Tech Center is your portal to all the news, product information, technical data, and other information related to the topic of database security. Written for database administrators and businesspeople as well as security and IT professionals, the Database Security Tech Center is a single community dedicated to protecting one of the most sensitive assets in cyberspace: the company database.
Featured Commentary
-
Adrian LaneHow Do You Use DAM For Blocking? You Don't
Curiously, many view blocking malicious Web application requests via WAFs as the appropriate approach.
News
-
8 New Yorkers Indicted As Part of $45 Million Cyberheist Of Prepaid Debit Cards
Orchestrated massive global 'bank heist' by an international cybercrime organization targeted credit card processor for MasterCard prepaid debit cards, waged and coordinated mass ATM withdrawals
-
10 Reasons SQL Injection Still Works
Developer techniques, business process choices, and attacker preferences all play a part in the continued relevance of SQLi
-
Convenience Store Chain Hacked, Customer Payment Data At Risk
MAPCO Express says the FBI is investigating a breach that exposed customer financial data in its stores
-
Sweet Password Security Strategy: Honeywords
To improve detection of database breaches, businesses should store multiple fake passwords and monitor attempts to use them, according to researchers at security firm RSA
-
Prioritizing Your Database Security Patches
Patching databases can be painful, but the presence of critical vulnerabilities can make closing security holes quickly necessary
More Stories
- Developing Data Classification For Stronger Database Security
- Patch PostgreSQL To Prevent DoS Or Privilege Escalation
- How To Improve DBA And Security Team Relations
- Enterprises Less Confident They Can Stop Targeted Attacks On Their Servers
- Web Application Attacks Dominate
By The Numbers
What Threatens Database Information?
Human error still leads the pack in the list of risks, threats or vulnerabilities that leave data open to compromise.
Source: International Oracle Users Group 2012 Enterprise Data Security Survey
Commentary
-
Why Database Monitoring?
By Adrian Lane
Hoping other people detect your breach before you lose millions is not a good strategy
-
-
-
-
Around the Web
Dark Reading Reports
-
Security Implications Of Big Data Strategies
To understand how to secure big data, you have to understand what it is - and what it isn't. As organizations set about building big data clusters, they're finding that many of the best practices for securing such clusters are the same used to secure any corporate data. However, there are some big differences as well. Here are some recommendations on how to alter your security strategy to accommodate big data - and when not to.
-
Building and Maintaining Database Access Control Provisions
Knotted and complex database access permissions are among the biggest threats to enterprise data security. In this Dark Reading report, we examine the problems associated with granting permissions to sensitive data, and recommend solutions that will help organizations thoughtfully and effectively grant privilege when and where it is needed - and only when and where it is needed.
-
A Guide to Database Activity Monitoring
Database activity monitoring, or DAM, is an effective compliance and security strategy. However, not every DAM system will work the same in every organization. Indeed, not every organization can even make use of every feature that DAM systems provide. In this report, we examine what DAM can and can't do, and recommend how to evaluate and implement the best system for your organization.
- Eight Steps to Securing Small Databases
- Strategies For Protecting Web-Facing Databases
- How Attackers Find and Exploit Database Vulnerabilities
- Securing The Data Warehouse
- Defend Your Data From Malicious Insiders
- Ensuring Secure Database Access
- Stop SQL Injection: Don't Let Thieves in Through Your Web Apps
Other reports from the Database Security Tech Center:
Related Content
-
Control And Protect Sensitive Information In The Era Of Big Data
This report outlines the future look of Forrester's solution for security and risk executives seeking to develop a holistic strategy to protect and manage sensitive data. In the never-ending race to stay ahead of the competition, companies are developing advanced capabilities to store, process, and analyze vast amounts of data from social networks, sensors, IT systems, and other sources to improve business intelligence and decisioning capabilities.
-
Understanding Holistic Database Security, 8 Steps to Successfully Securing Enterprise Data Sources
This paper discusses the 8 essential best practices that provide a holistic approach to safeguarding data and achieving compliance with a proactive and systematic approach to ensure that corporate databases, data warehouses, file shares and Hadoop-based big data environments are secure from breaches and unauthorized changes, while achieving compliance with key regulations such as SOX, PCI DSS, GLBA, HIPAA and data protection laws.
-
Database Activities You Should Be Monitoring, Gartner analyst
As data stores grow in scope and importance, the need to monitor activities - especially in RDBMSs becomes essential for meeting legal and regulatory compliance requirements. These databases store huge amounts of sensitive data, affecting both data security and system and data availability. Is the data safe? Who has access and what are they doing with that access?
-
Top 3 Myths about Big Data Security: Debunking common misconceptions about big data security ebook
Security for big data systems is not optional, it's imperative. This eBook addresses three myths of big data security: 1) Big data is a buzz word; existing security controls will suffice. 2) Big data deals with social media and sentiment analysis; this data is freely given up by individuals, waiving their security rights. 3) Big data equals Hadoop and Hadoop is used for internal analytics only.
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.