New Zealand Oracle Users Group
What is a Database Firewall, and why should it be your first line of defense?
The 2010 IOUG Data Security Survey indicated only 35%25; of respondents said they have taken steps to prevent SQL injection attacks. In 2011 a high profile SQL-injection attack compromised the records of tens of millions Sony customers.
With these two events in mind this presentation discusses what a SQL-injection attack is, and why they are so effective in their abilitiy to compromise databases. It will then look at how the concept of a firewall can be applied to protect databases from SQL-injection attacks, how it fits into a broader defense in depth strategy, and finally what other benefits does it bring in terms of audit compliance.
| Attachment | Size |
|---|---|
 NZOUG 2011 Database Firewall.pdf | 1.88 MB |
Version:
1
Publish Date:
18 Nov 2011
Organization:
Oracle
Presenter Biography:
James was bought on board Oracle New Zealand when Oracle established an identity management business in New Zealand in 2008. As a sales consultant James provided not only the link between Oracle product and customer requirements, but also advice relating to best practices around security generally. Prior to Oracle James was a security consultant with CA Technologies for about 7 years during which time he represented wide range of security areas from network forensics to identity management. He has had a a varied background that ranges from product management for mobile telephony billing mediation systems to pre-sales specialist for emergency services dispatch systems James is a Certified Information Systems Auditor (CISA), and a Certified Information System Security Professional (CISSP).
field_vote: