Database Security Management

MUST READ Preventing SQL injections TIP - Learn what a SQL injection attack is, and how to defend yourself against it. Here are five methods to reduce the possibility of a future SQL injection attack on your database. Oracle patches 82 critical flaws ARTICLE - Attackers could exploit the latest Oracle vulnerabilities to access sensitive information, overwrite files or launch SQL injection attacks in numerous applications. Raising risk prospects with a new SQL injection threat ARTICLE - "Inference attacks" could deliver up your so-called secure database to an attacker.

NEWS: 1 - 3 of 103

	Oracle issues 43 updates, fixes serious database flaws SearchSecurity.com | 14 Apr 2009 ARTICLE - Oracle's quarterly Critical Patch Update contained patches for 16 database flaws and dozens of others correcting errors in Oracle Application Server and its BEA product line.

	Kaspersky website hacked multiple times, expert says SearchSecurity.com | 13 Feb 2009 ARTICLE - A number of hackers probed the Kaspersky website after an initial breach was published on the hackersblog.org website.

	SQL injection attacks targeting Flash, JavaScript errors SearchSecurity.com | 09 Feb 2009 ARTICLE - Coding errors leave thousands of websites vulnerable, but attackers are starting to target Flash and JavaScript errors for exploitation, experts say.

	VIEW ALL NEWS ON DATABASE SECURITY MANAGEMENT

EXPERT TECHNICAL ADVICE: 1 - 3 of 32

DATABASE SECURITY MANAGEMENT EXPERTS
			Michael Cobb, featured expert Founder and Managing Director, Cobweb Applications Ltd. ASK A QUESTION

	Understanding transparent data encryption in SQL Server 2008 Submitted By: SearchSQLServer.com | 09 Jun 2009 TIP - Learn how transparent data encryption in SQL Server 2008 can help your company meet compliance and security standards in SQL Server environments.

	When should a database application be placed in a DMZ? 26 Jan 2009 EXPERT ANSWER - Mike Chapple explains the best network location for an important database application. Chapple also reveals the appropriate level of access to grant remote users.

	Differences between an SAS 70 data center and a Tier III data center 06 Oct 2008 EXPERT ANSWER - Learn what the difference is between an SAS 70 data center and a Tier III data center and the strengths and weaknesses of each in this response from security management expert Mike Rothman.

	VIEW ALL EXPERT TECHNICAL ADVICE ON DATABASE SECURITY MANAGEMENT

REFERENCE & LEARNING: 1 - 3 of 9

	Information security book excerpts and reviews SearchSecurity.com | 19 Feb 2009 INFORMATION SECURITY BOOKSHELF - Visit the Information Security Bookshelf for book reviews and free chapter downloads.

	Attacks targeted to specific applications By Dan Sullivan, Realtimepublishers | 26 Jan 2007 BOOK CHAPTER - This is the fourth tip in our series, "How to assess and mitigate information security threats".

	Information theft and cryptographic attacks By Dan Sullivan, Realtimepublishers | 26 Jan 2007 BOOK CHAPTER - The third tip in our series, "How to assess and mitigate information security threats".

	VIEW ALL REFERENCE & LEARNING ON DATABASE SECURITY MANAGEMENT

MAGAZINE CONTENT (free subscription required): 1 - 3 of 13

	Enterprise Security of Microsoft SQL Server 2008 Improves Over Other Versions Information Security Magazine | 01 Sep 2008 FEATURES - New protections in SQL Server 2008 include granular data security features such as encryption, key management and meta data security enhancements. There is also increaded flexibility in role-based permissions that tighten ...

	Product review: Symantec Database Security 3.1 Information Security Magazine | 01 May 2008 HOT PICK & PRODUCT REVIEWS - DATABASE SECURITY

	Imperva SecureSphere Database Gateway product review Information Security Magazine | 01 Mar 2008 HOT PICK & PRODUCT REVIEWS - Imperva's SecureSphere Database Gateway is evaluated for its installation and configuration, management and monitoring, vulnerability assessment and reporting capabilities.

	VIEW ALL MAGAZINE CONTENT ON DATABASE SECURITY MANAGEMENT

WHITE PAPERS

	HOWTO Secure and Audit Oracle 10g and 11g Published by: Guardium | 06 Jul 2009 BOOK - Read the "Database Activity Monitoring (DAM)" chapter from "HOWTO Secure and Audit Oracle 10g and 11g" (CRC Press, 2009) and learn how to leverage DAM to prevent SQL injection attacks, monitor privileged users and track access to sensitive data.

	Ntreev USATackles Chargebacks and Terms of Service Violations with Device Reputation Published by: iovation, Inc. | 09 Jun 2009 CASE STUDY - One of the world's largest MMORPG publishers uses iovation to keep their games safe for their valued players, and the fraudsters out.

	Presentation Transcript: Continuous Data Protection (CDP) Strategies for the Enterprise Published by: Symantec Corporation | 09 Jun 2009 PRESENTATION TRANSCRIPT - This presentation will discuss the pros and cons of CDP, how it fits into your architecture and DR plan, and ultimately whether it's a good fit for your organization.

	VIEW ALL WHITE PAPERS IN THIS TOPIC

WEBCASTS: 1 - 3 of 3

	Making effective use of database monitoring/auditing tools for security and compliance - Expert Webcast VIEW WEBCAST PREMIERED:   12 OCT 2006, 12:00 EDT (16:00, GMT) SUMMARY:   This webcast will help you understand how monitoring/auditing tools map to data compliance/security requirements and what to look for to determine which tools will work best for your environment.

	Enterprise Data Protection & Privacy - Vendor Webcast VIEW WEBCAST PREMIERED:   21 SEP 2005, 14:00 EDT (18:00, GMT) SUMMARY:   Watch industry Analyst Jon Oltsik discuss how organizations must transition from a passive approach to data security to an active approach that addresses new threats to sensitive data and increasingly strict legislation.

	CISSP Essentials: Mastering the Common Body of Knowledge -- Class 6, Applications and System Development - Expert Webcast VIEW WEBCAST PREMIERED:   16 DEC 2004, 09:00 EST (14:00, GMT) SUMMARY:   Applications and computer systems are usually developed for functionality first, not security. Listen to this presentation and learn how to build security into every system from the outset.

	VIEW ALL WEBCASTS ON DATABASE SECURITY MANAGEMENT

DEFINITIONS: 1 - 3 of 6

	data encryption/decryption IC 14 Nov 2005 WORD - A data encryption/decryption IC is a specialized integrated circuit (IC) that can encrypt outgoing data and decrypt incoming data. Some such devices are intended for half-duplex operation (in which input and output do not ...

	MD4 01 Mar 2001 WORD - MD4 is an earlier version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that ...

	MD2 01 Mar 2001 WORD - MD2 is an earlier, 8-bit version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to ...

	VIEW ALL DEFINITIONS ON DATABASE SECURITY MANAGEMENT

SEE ALSO - Topics Related to Database Security Management:  Open Source Security Tools and Applications, Virtualization Security Issues and Threats, Email Protection, IM Security Issues, Risks and Tools, Software Development Methodology, Web Security Tools and Best Practices, Enterprise Vulnerability Management, Application Firewall Security, Securing Productivity Applications, Application Attacks (Buffer Overflows, Cross-Site Scripting), Operating System Security, Secure SaaS: Cloud services and systems