Locking Down Databases
Given the UCLA breach, it is clear more time and effort needs to go into securing databases. Analysts have reviewed vulnerability databases and found Oracle lagging behind Microsoft on the database security front. David Litchfield, a database security researcher, is author of one of the recent reports and is also responsible for finding a significant number of database vulnerabilities. We could waste a lot of time arguing about which database is more secure but lets face it, the cost of converting enterprise applications from one database platform to another is prohibitive. If you are an Oracle shop or an MS shop, you are not likely to change because one vendor has fewer security vulnerabilities than the other.
If you are running either MS SQL Server or an Oracle RDBMS, keep Implementing Database Security and Auditing by Ron Ben Natan and The Database Hacker's Handbook: Defending Database Servers by David Litchfield, Chris Anley, John Heasman, Bill Grindlay close at hand. These books are some of the best on the topic.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
