Implementing Database Security and Auditing
Product Description
This book is about database security and auditing. You will learn many methods and techniques that will be helpful in securing, monitoring and auditing database environments. It covers diverse topics that include all aspects of database security and auditing – including network security for databases, authentication and authorization issues, links and replication, database Trojans, etc. You will also learn of vulnerabilities and attacks that exist within various dat… More >>
Implementing Database Security and Auditing
Incoming Search Term Incoming Search Term : Incoming Search TermIf you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Comments
The preface clearly states that this book is a guide on implementing security and auditing for database environments Lays out who should read the book, basically administrators, auditors, security professionals, or any one involved with operational ownership of databases.
After reading the book I actually felt that there are so many vulnerabilities that effect every part of an IT shop that this book is a must read for developers, architects, and management as well. Often it is the way systems are architected and coded that bring out the vulnerabilities and allow would-be hackers in.
Ron really has hit a great balance between readability and information.
The book isnt just a text or reference book but also entertained me.
Rating: 4 / 5
As more business services extend access to information within databases via web-based technologies, so increases their risk of error, vulnerability and noncompliance. For the database administrator and/or security administrator this is a must have reference book.
The book will address issues that are relevant “today” and packed full of clear and concise methods and techniques that will be helpful in securing, monitoring, and auditing database environments. I was glad to see the author addresses the complexity of regulatory compliance and its implication on database planning, management and IT auditing.
Great read, great timing!
Rating: 5 / 5
Excellent book. Very useful. Good for understanding what to do and even better for understanding interactions with the database – both for implementing database audit trails as well as for enhancing database security.
Rating: 5 / 5
I’m rarely moved to write a review on a technical book, perhaps because I read so many of them. However, this text is truly outstanding, due to it’s breadth of coverage, i.e., Oracle, SQL Server, DB2, UBD and Sybase AND well written descriptions of problems and solutions.
If you are seeking to secure your databases AND/OR audit them, this book contains both suggestions for scripting, triggers etc as well as where to look for vulnerabilities.
Bravo to the author, and THANKS, I’m using regularly, the best compliment of all.
Rating: 5 / 5
If compliance and auditing are on your agenda, then Ron Ben Natan’s book on database security and auditing merits your attention. In this day-and-age of computer viruses, hacking, and governmental regulations, database security and auditing is a subject of paramount importance. And Implementing Database Security and Auditing attacks the subject with a vengenance.
In just over 400 pages the author manages to quite thoroughly cover a wide variety of database security topics. Whether you want to learn more about encryption, authentication and password control, or access control, this book provides help.
The book is useful for both DBAs and security administrators, giving each a better view of the world where the disciplines of database management and security management meet. Even better, the book offers many examples and guidelines for multiple environments. Whether you use DB2 on AIX, MySQL on Linux, Oracle on Unix, or SQL Server on Windows, Ben Natan’s book provides useful guidance.
Are you curious to know more about SQL injection attacks? Learn what they are and why they are dangerous in this book. What about buffer overflows? Maybe you’ve read about them in the IT press, but those “newsy” pieces rarely delve into the depth required to understand and prevent attacks using these methods. This book offers that depth.
Chapter 7, “Using the Database to do Too Much,” is particularly useful. In this chapter the author discusses some of the things not to do if you want to properly secure your database environment. You can save yourself a lot of trouble by reading and following these useful suggestions.
I think my favorite section of the book is the final three chapters. Here is where the author tackles the meaty topics of regulatory compliance and database auditing. New governmental rules and regulations are being introduced constantly and their impact on database administration is not clearly understood by many heads-down, techies. This book will give you a clearer understanding of laws such as GLB, Sarbanes-Oxley, and HIPAA — and lend guidance on how to adapt your database environment in order to comply with these laws.
All-in-all Implementing Database Security and Auditing is a useful and timely publication that most DBAs would do well to read and embrace.
Rating: 5 / 5