Hacking Databases: Exploiting The Top Database Vulnerabilities And Misconfigurations
- Josh Shaul, Chief Technology Officer, Application Security Inc.
- Wednesday, October 3rd, 11:45am - 12:15pm
According to the Identity Theft Resource Center, in the past year and a half, there have been close to 900 breaches and over 28,000,000 records compromised. With groups like Anonymous and LulzSec continuously hacking into major corporations and government agencies, do you wonder if you're next?
No organization, industry, or government agency is immune to the proliferation of complex attacks and malicious behavior. Ensuring database security is a priority for organizations interested in protecting sensitive data and passing audits.
Over the course of this presentation, a description of some of the sophisticated methods used in invading enterprise databases will be discussed, and the evolution of the security issues and features in each will be provided. A demonstration of popular attacks will also be presented.
The presentation will conclude by proposing essential steps IT managers can take to securely configure, maintain databases, and defend against malicious breaches entirely. Attendees will leave with a basic understanding of the most effective methods for protecting their data, an enterprise's most prized asset, from attackers today and in the future.
- Learn how organizations, through an integrated defense strategy, can effectively manage their database risks across large, heterogeneous database environments with automated controls
- Understand the common vulnerabilities and misconfigurations used to attack databases
Methodologies and best practices on how to implement actionable plans to protect enterprise database assets
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- Vendor: Events hosted by external vendor exhibitors.
Wednesday, October 3
|Automating the 20 Critical Controls with a Full Life Cycle Security and Compliance Program||Andrew Wild, CSO, Qualys and Wolfgang Kandek, CTO, Qualys||Wednesday, October 3rd, 1:30am - 2:30am||Vendor Event|
|SCAP Sync||Mark Haase, Sr. Security Software Engineer, Lunarline, Inc.||Wednesday, October 3rd, 2:15am - 2:45am||Vendor Event|
|CM, CAG, Cloud: The Perfect Storm?||—||Wednesday, October 3rd, 3:45am - 4:45am||Vendor Event|
|Intelligence-Driven Security: Advanced Threat and Continuous Monitoring||RSA||Wednesday, October 3rd, 11:00am - 11:45am||Vendor Event|
|Hacking Databases: Exploiting The Top Database Vulnerabilities And Misconfigurations||Josh Shaul, Chief Technology Officer, Application Security Inc.||Wednesday, October 3rd, 11:45am - 12:15pm||Vendor Event|
Thursday, October 4
|Beyond Continuous Monitoring, Multi-Layered Threat Detection and Response||Rob Roy, Federal CTO, HP Enterprise Security Products||Thursday, October 4th, 1:30am - 2:00am||Vendor Event|
|The Impact of Hardware-Enhanced Security||David Marcus, Director, Advanced Research & Threat Intelligence, McAfee||Thursday, October 4th, 2:15am - 3:15am||Vendor Event|
|Security Intelligence Made Easy||Usman Choudhary, Senior Director of Engineering, NetIQ||Thursday, October 4th, 11:00am - 11:30am||Vendor Event|
|Advanced Situational Awareness (ASA)||Tom Kellermann, VP of Cyber Security, Trend Micro||Thursday, October 4th, 11:45am - 12:15pm||Vendor Event|