
Top 10 Database Threats 2013

Raphael Reich
Senior Director, Product Marketing

© 2013 Imperva, Inc. All rights reserved.


Overview

- Background
- Top 10 database threats
- Neutralizing the threats



Raphael Reich
Sr. Director, Product Marketing | Imperva

- Expertise
  + 20+ years in product marketing, product management, and software engineering
- Professional Experience
  + Cisco, Check Point, Network General
- Academics
  + Bachelor’s degree in Computer Science from UC Santa Cruz
  + MBA from UCLA



Background


Ninety-six percent (96%) of records breached are from databases.
2012 Verizon Data Breach Report

Less than 5% of security spend is on data center security.
Worldwide Security Products 2011-2014 Forecast (IDC, February 2011)



What’s changed?



Top 10 Threats



(1) Excessive and Unused Privileges

- Jim works in Sales
- Used to work in Accounts Payable
- Uses his access for personal enrichment



(2) Privilege Abuse



(3) SQL Injection

The Best Way To Spend Your Security Budget
“…one SQL injection attack can bring in big bucks. It's a no-brainer that you should make this problem top priority.”
Dark Reading, Feb 28, 2013

[Graphic labels: Admin, ' OR 1 = 1 --]



(4) Malware

69% of breaches incorporated malware

Source: Verizon Data Breach Report, 2012



(5) Weak Audit Trail



(6) Storage Media Exposure

How South Carolina Failed To Spot Hack Attack
“…the attacker had successfully located and begun copying 23 database backup files…”
Information Week, November 26, 2012



(7) Database Vulnerability Exploitation



(8) Unmanaged Sensitive Data



(9) Denial of Service



(10) Limited Security Expertise & Education



Neutralizing Threats



Layered Approach to Database Security

- Discovery and Assessment
- User Rights Management
- Monitoring and Blocking
- Auditing
- Data Protection
- Non-Technical Security



Discovery & Assessment



User Rights Management



Monitoring and Blocking



Auditing



Data Protection



Non-Technical Security



Customer Use Case: Sensitive Data Auditing



Sensitive Data Auditing Use Case

A multinational oil & gas company needed to:
- Streamline database auditing for PCI and SOX
- Reduce time and log collection errors
- Send activity alerts to Security Information Event Manager (SIEM)

SecureSphere DAM:
- Capture audit details and generate reports
- Generate SIEM alerts

[Diagram labels: Database, User, Audit Reports, Audit Logs, SIEM]



Auditing Sensitive Data – Key Capabilities

Activity Auditing
Collect and record database activity details
- Satisfy compliance requirements
- Conduct forensic analysis

Privileged User Monitoring
Monitor privileged or “power” users
- Enforce Separation of Duties
- See all activity incl. local access
- Block if needed

[Diagram labels: SecureSphere DAM, Users, Audit Policies, Databases, Audit Details, Privileged User, Database Agent, Appliance]


Reporting
Enterprise class reporting framework
- Analyze threats
- Accelerate compliance

Alerting
Alert in real time on suspicious behavior
- Quickly identify attacks
- Prevent data theft

[Graphic labels: PCI, HIPAA, SOX…, Custom, Dashboard, SYSLOG, Email, SIEM]


Discovery & Classification
Discover DBs and classify sensitive information
- Discover active DB services
- Identify rogue DBs
- Determine what needs to be monitored

[Graphic labels: Credit Cards, Rogue, SSN, PII, SecureSphere DAS]



Webinar Materials

Join Imperva LinkedIn Group, Imperva Data Security Direct, for…
- Post-Webinar Discussions
- Answers to Attendee Questions
- Webinar Recording Link



www.imperva.com
