Oracle Auditing Part 3: Unified Auditing
This is the third, and last, article on the topic of Oracle auditing. It is relevant to Oracle 12c only. With Unified Auditing, Oracle simplified the task of auditing activities in a modern database environment, and rather than having to learn multiple methods, patterns, and techniques for both different tasks ... Read More
Oracle Auditing Part 1: Standard Auditing
This is the first of three articles on the topic of Oracle auditing. It is relevant to Oracle 10g, 11g, and 12c, although Unified Auditing in 12c makes some of this content irrelevant (if you choose to use Pure Unified Auditing). Unified Auditing will be covered in the third part ... Read More
Oracle Auditing Part 2: Mandatory and Fine-Grained Auditing
This is the second of three articles on the topic of Oracle auditing. It is relevant to Oracle 10g, 11g, and 12c, although Unified Auditing in 12c makes some of this content irrelevant (if you choose to use Pure Unified Auditing). Unified Auditing will be covered in the third part ... Read More
Top 8 Database Security Best Practices
There is a large body of knowledge on what activities are required in order to secure databases and in order to comply with regulations and requirements. We’ve gathered the top 8 best practices for ensuring database security. Databases are arguably the most important and, unfortunately, also the most complex part ... Read More
Security for Amazon Redshift
We’ll show you how to set up basic monitoring of AWS Redshift using their native security features, including how to set up a Redshift instance, creating S3 buckets, and shipping the audit logs to Cloudwatch. Basic security for Amazon Redshift can be accomplished through standard AWS security measures, such as: ... Read More
Security Auditing for MongoDB on Atlas
MongoDB is a document-oriented NoSQL database that provides high performance, high availability, and easy scalability. To many, it is the leader in the NoSQL space. MongoDB Atlas was launched in June of 2016 and provides MongoDB as a database-as-a-service (DBaaS). Atlas provides all of the features of its database counterpart, ... Read More
Securely Managing Entitlement of S3 Resources
Here we’ll talk about securely managing entitlements of S3 resources including managing access control to S3 objects and utilizing audit logging to keep track of the usage of shared resources. Amazon’s AWS services allow for accounts to grant access to resources from other accounts on AWS. This creates opportunities for ... Read More
Protecting Your Data from Cyber Extortion: Lessons from the Latest Mega-hack
At the end of last year, enterprise firewall company Accellion was the victim of a two-phase SQL injection attack that resulted in significant sensitive data breaches over the last number of months. This attack is important for several reasons. It underscores the rise in frequency of incidents leading to public ... Read More
What’s Different About Data Security in the Cloud? Almost Everything.
Well before the onset of the pandemic most organizations had a digital transformation plan in place which included migrating workloads to new modern architectures, usually a private, public, or hybrid cloud. As the challenges caused by COVID-19 became more acute, these organizations accelerated their modernization plans for a myriad of ... Read More
The Coronavirus Pandemic Is Widening the Cybersecurity Skills Gap
While there are undoubtedly many major challenges within the world of cybersecurity, one of the principal roadblocks to the implementation of effective data security is the lack of skilled cybersecurity practitioners. In a November 2019 report, the International Information System Security Certification Consortium, (ISC)² suggested that the cybersecurity workforce needs ... Read More
