SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsAs sensitive data is consolidated into larger, unified databases the protection of that data becomes more and more important. A critical element in securing these systems is monitoring user activity. There are several approaches available for auditing and monitoring these databases. In this paper, we discuss the basics of one of those methods: network based monitoring. We also look at some of the steps involved in implementing it using Imperva's SecureSphere Database Activity Monitoring (DAM) product. We are focusing on network based monitoring because it is a common starting point that many organizations use when beginning toperform Database Activity Monitoring. It also establishes a foundation that can be leveraged for additional types of monitoring as an organization's program matures.