Database Security Management

MUST READ Preventing SQL injections TIP - Learn what a SQL injection attack is, and how to defend yourself against it. Here are five methods to reduce the possibility of a future SQL injection attack on your database. Oracle patches 82 critical flaws ARTICLE - Attackers could exploit the latest Oracle vulnerabilities to access sensitive information, overwrite files or launch SQL injection attacks in numerous applications. Raising risk prospects with a new SQL injection threat ARTICLE - "Inference attacks" could deliver up your so-called secure database to an attacker.

NEWS: 1 - 3 of 112

	Database activity monitoring lacks security lift SearchSecurity.com | 12.10.2009 OPINION - IBM's acquisition of Guardium does not validate DAM as a viable security market segment. The market has been hyped, says security expert Eric Ogren.

	IBM to acquire database security firm Guardium SearchSecurity.com | 30 Nov 2009 ARTICLE - Deal reportedly worth $225 million.

	Unpatched vulnerability discovered in Microsoft SQL Server SearchSecurity.com | 02 Sep 2009 ARTICLE - Sentrigo released details about a flaw discovered in SQL Server that exposes passwords stored in memory as cleartext. Microsoft is not planning to patch this flaw.

	VIEW ALL NEWS ON DATABASE SECURITY MANAGEMENT

EXPERT TECHNICAL ADVICE: 1 - 3 of 38

DATABASE SECURITY MANAGEMENT EXPERTS
			Michael Cobb, featured expert Founder and Managing Director, Cobweb Applications Ltd. ASK A QUESTION

	What is the best database patch management process? 23 Oct 2009 EXPERT ANSWER - Michael Cobb reviews how to handle database patches in the enterprise.

	Is credit card tokenization a better option than encryption? 30 Dec 2009 EXPERT ANSWER - Platform security expert Michael Cobb reviews alternatives to encryption that will help protect sensitive data.

	Will a database anonymization implementation succeed? 30 Dec 2009 EXPERT ANSWER - Platform security expert Michael Cobb reviews the likelihood of success in a database anonymization implementation.

	VIEW ALL EXPERT TECHNICAL ADVICE ON DATABASE SECURITY MANAGEMENT

REFERENCE & LEARNING: 1 - 3 of 11

	Information security book excerpts and reviews SearchSecurity.com | 07 Dec 2009 INFORMATION SECURITY BOOKSHELF - Visit the Information Security Bookshelf for book reviews and free chapter downloads.

	Countdown: The top 5 things you can do to lock down your database right now SearchSecurity.com | 15 Apr 2009 PODCAST - This expert podcast will provide you with a practical guide of immediate steps that you can take to eliminate common vulnerabilities found in database deployments.

	Countdown: Plugging the dam -- Understanding where and how content leaks SearchSecurity.com | 12 Jul 2007 PODCAST - This expert Podcast counts down the top 5 different use cases in which data can leak as a result of outdated data handling policies.

	VIEW ALL REFERENCE & LEARNING ON DATABASE SECURITY MANAGEMENT

MAGAZINE CONTENT (free subscription required): 1 - 3 of 14

	Basic Database Security: Step by Step Information Security Magazine | 10 Dec 2009 FEATURES - Use this checklist to ensure you're following the basics for securing database systems.

	Enterprise Security of Microsoft SQL Server 2008 Improves Over Other Versions Information Security Magazine | 01 Sep 2008 FEATURES - New protections in SQL Server 2008 include granular data security features such as encryption, key management and meta data security enhancements. There is also increaded flexibility in role-based permissions that tighten ...

	Product review: Symantec Database Security 3.1 Information Security Magazine | 01 May 2008 HOT PICK & PRODUCT REVIEWS - DATABASE SECURITY

	VIEW ALL MAGAZINE CONTENT ON DATABASE SECURITY MANAGEMENT

WHITE PAPERS

Your Enterprise Database Security Strategy 2010 Published by: Guardium, an IBM Company | 04 Feb 2010 WHITE PAPER - Database security is the last line of defense, so it deserves greater focus on the protection of private data from both internal and external attacks than IT pros have traditionally given it. Read this paper to learn what steps you can take to improve database security in your organization.

Essential Steps to Implementing Database Security and Auditing Published by: Guardium, an IBM Company | 04 Feb 2010 BOOK - Read this chapter from “Implementing Database Security and Auditing” by database security expert, Ron Ben Natan Ph.D., to learn best practices and specific tips for effectively securing most database environments, including tracking security vulnerabilities, the anatomy of buffer overflow vulnerabilities, and database auditing.

CARFAX Drives IT Success Published by: Tripwire, Inc. | 29 Jan 2010 CASE STUDY - CARFAX receives vehicle data from thousands of public and private sources. As a result, the CARFAX database contains more than four billion records of automobiles with their histories. Read this case study to find out how CARFAX achieved an enormous reduction in annual down time, optimized workflow, and an enhanced security and compliance posture.

	VIEW ALL WHITE PAPERS IN THIS TOPIC

WEBCASTS: 1 - 3 of 3

	Making effective use of database monitoring/auditing tools for security and compliance - Expert Webcast VIEW WEBCAST PREMIERED:   12 OCT 2006, 12:00 EDT (16:00, GMT) SUMMARY:   This webcast will help you understand how monitoring/auditing tools map to data compliance/security requirements and what to look for to determine which tools will work best for your environment.

	Enterprise Data Protection & Privacy - Vendor Webcast VIEW WEBCAST PREMIERED:   21 SEP 2005, 14:00 EDT (18:00, GMT) SUMMARY:   Watch industry Analyst Jon Oltsik discuss how organizations must transition from a passive approach to data security to an active approach that addresses new threats to sensitive data and increasingly strict legislation.

	CISSP Essentials: Mastering the Common Body of Knowledge -- Class 6, Applications and System Development - Expert Webcast VIEW WEBCAST PREMIERED:   16 DEC 2004, 09:00 EST (14:00, GMT) SUMMARY:   Applications and computer systems are usually developed for functionality first, not security. Listen to this presentation and learn how to build security into every system from the outset.

	VIEW ALL WEBCASTS ON DATABASE SECURITY MANAGEMENT

DEFINITIONS: 1 - 3 of 6

	data encryption/decryption IC 14 Nov 2005 WORD - A data encryption/decryption IC is a specialized integrated circuit (IC) that can encrypt outgoing data and decrypt incoming data. Some such devices are intended for half-duplex operation (in which input and output do not ...

	MD4 01 Mar 2001 WORD - MD4 is an earlier version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that ...

	MD2 01 Mar 2001 WORD - MD2 is an earlier, 8-bit version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to ...

	VIEW ALL DEFINITIONS ON DATABASE SECURITY MANAGEMENT

SEE ALSO - Topics Related to Database Security Management:  Virtualization Security Issues and Threats, Application Attacks (Buffer Overflows, Cross-Site Scripting), Email Protection, IM Security Issues, Risks and Tools, Software Development Methodology, Web Security Tools and Best Practices, Enterprise Vulnerability Management, Application Firewall Security, Securing Productivity Applications, Operating System Security, Open Source Security Tools and Applications, Secure SaaS: Cloud services and systems