Database Security Management

MUST READ Preventing SQL injections TIP - Learn what a SQL injection attack is, and how to defend yourself against it. Here are five methods to reduce the possibility of a future SQL injection attack on your database. Oracle patches 82 critical flaws ARTICLE - Attackers could exploit the latest Oracle vulnerabilities to access sensitive information, overwrite files or launch SQL injection attacks in numerous applications. Raising risk prospects with a new SQL injection threat ARTICLE - "Inference attacks" could deliver up your so-called secure database to an attacker.

NEWS: 1 - 3 of 111

	IBM to acquire database security firm Guardium SearchSecurity.com | 30 Nov 2009 ARTICLE - Deal reportedly worth $225 million.

	Unpatched vulnerability discovered in Microsoft SQL Server SearchSecurity.com | 02 Sep 2009 ARTICLE - Sentrigo released details about a flaw discovered in SQL Server that exposes passwords stored in memory as cleartext. Microsoft is not planning to patch this flaw.

	SQL injection continues to trouble firms, lead to breaches SearchSecurity.com | 18 Aug 2009 ARTICLE - Security experts see the secure software development lifecycle improving, but legacy applications and Web server flaws continue to offer a rich treasure trove for attackers.

	VIEW ALL NEWS ON DATABASE SECURITY MANAGEMENT

EXPERT TECHNICAL ADVICE: 1 - 3 of 36

DATABASE SECURITY MANAGEMENT EXPERTS
			Michael Cobb, featured expert Founder and Managing Director, Cobweb Applications Ltd. ASK A QUESTION

	What is the best database patch management process? 23 Oct 2009 EXPERT ANSWER - Michael Cobb reviews how to handle database patches in the enterprise.

	Understanding transparent data encryption in SQL Server 2008 Submitted By: SearchSQLServer.com | 09 Jun 2009 TIP - Learn how transparent data encryption in SQL Server 2008 can help your company meet compliance and security standards in SQL Server environments.

	How to create configuration management plans to install DLP 03 Jun 2009 EXPERT ANSWER - Installing DLP products on a network can require a lot of configuration management planning that includes cooperation between many business groups. In this security management expert response, learn how to do a network ...

	VIEW ALL EXPERT TECHNICAL ADVICE ON DATABASE SECURITY MANAGEMENT

REFERENCE & LEARNING: 1 - 3 of 10

	Information security book excerpts and reviews SearchSecurity.com | 07 Dec 2009 INFORMATION SECURITY BOOKSHELF - Visit the Information Security Bookshelf for book reviews and free chapter downloads.

	Countdown: The top 5 things you can do to lock down your database right now SearchSecurity.com | 15 Apr 2009 PODCAST - This expert podcast will provide you with a practical guide of immediate steps that you can take to eliminate common vulnerabilities found in database deployments.

	Attacks targeted to specific applications By Dan Sullivan, Realtimepublishers | 26 Jan 2007 BOOK CHAPTER - This is the fourth tip in our series, "How to assess and mitigate information security threats".

	VIEW ALL REFERENCE & LEARNING ON DATABASE SECURITY MANAGEMENT

MAGAZINE CONTENT (free subscription required): 1 - 3 of 13

	Enterprise Security of Microsoft SQL Server 2008 Improves Over Other Versions Information Security Magazine | 01 Sep 2008 FEATURES - New protections in SQL Server 2008 include granular data security features such as encryption, key management and meta data security enhancements. There is also increaded flexibility in role-based permissions that tighten ...

	Product review: Symantec Database Security 3.1 Information Security Magazine | 01 May 2008 HOT PICK & PRODUCT REVIEWS - DATABASE SECURITY

	Imperva SecureSphere Database Gateway product review Information Security Magazine | 01 Mar 2008 HOT PICK & PRODUCT REVIEWS - Imperva's SecureSphere Database Gateway is evaluated for its installation and configuration, management and monitoring, vulnerability assessment and reporting capabilities.

	VIEW ALL MAGAZINE CONTENT ON DATABASE SECURITY MANAGEMENT

WHITE PAPERS

	Databases at Risk: Current State of Database Security (Enterprise Strategy Group) Published by: Guardium | 30 Nov 2009 ANALYST BRIEF - This ESG Research Brief analyzes the current state of database security and categorizes databases as a “dangerous and growing security gap”. Read this brief which offers steps to improve database security across the enterprise.

	Oracle Account Security: Chapter from "HOWTO Secure and Audit Oracle 10g and 11g" Published by: Guardium | 25 Nov 2009 BOOK - Read this chapter from "HOWTO Secure and Audit Oracle 10g and 11g" (CRC Press, 2009) and learn how to secure Oracle by checking for weak passwords, configuring failed login policies, preventing DoS attacks with resource limits, and auditing user profiles.

	How to Protect Data Against Theft and Ensure That it Remains Confidential - No Matter Where it is Stored Published by: Sophos Inc. | 19 Nov 2009 WHITE PAPER - This white paper introduces SafeGuard Enterprise 5.40, an innovative solution from Sophos that fulfills all the requirements a company could have for protecting confidential data on mobile PCs and data media.

	VIEW ALL WHITE PAPERS IN THIS TOPIC

WEBCASTS: 1 - 3 of 3

	Making effective use of database monitoring/auditing tools for security and compliance - Expert Webcast VIEW WEBCAST PREMIERED:   12 OCT 2006, 12:00 EDT (16:00, GMT) SUMMARY:   This webcast will help you understand how monitoring/auditing tools map to data compliance/security requirements and what to look for to determine which tools will work best for your environment.

	Enterprise Data Protection & Privacy - Vendor Webcast VIEW WEBCAST PREMIERED:   21 SEP 2005, 14:00 EDT (18:00, GMT) SUMMARY:   Watch industry Analyst Jon Oltsik discuss how organizations must transition from a passive approach to data security to an active approach that addresses new threats to sensitive data and increasingly strict legislation.

	CISSP Essentials: Mastering the Common Body of Knowledge -- Class 6, Applications and System Development - Expert Webcast VIEW WEBCAST PREMIERED:   16 DEC 2004, 09:00 EST (14:00, GMT) SUMMARY:   Applications and computer systems are usually developed for functionality first, not security. Listen to this presentation and learn how to build security into every system from the outset.

	VIEW ALL WEBCASTS ON DATABASE SECURITY MANAGEMENT

DEFINITIONS: 1 - 3 of 6

	data encryption/decryption IC 14 Nov 2005 WORD - A data encryption/decryption IC is a specialized integrated circuit (IC) that can encrypt outgoing data and decrypt incoming data. Some such devices are intended for half-duplex operation (in which input and output do not ...

	MD4 01 Mar 2001 WORD - MD4 is an earlier version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that ...

	MD2 01 Mar 2001 WORD - MD2 is an earlier, 8-bit version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to ...

	VIEW ALL DEFINITIONS ON DATABASE SECURITY MANAGEMENT

SEE ALSO - Topics Related to Database Security Management:  Virtualization Security Issues and Threats, Email Protection, IM Security Issues, Risks and Tools, Software Development Methodology, Web Security Tools and Best Practices, Enterprise Vulnerability Management, Application Firewall Security, Securing Productivity Applications, Application Attacks (Buffer Overflows, Cross-Site Scripting), Operating System Security, Open Source Security Tools and Applications, Secure SaaS: Cloud services and systems