According to the Identity Theft Resource Center, in the past year and a half, there have been nearly 900 breaches and over 28 million records compromised. With the likes of Anonymous, LulzSec and government sponsored attackers continuously hacking into major corporations and government agencies, do you wonder if you’re next? No organization, industry, or government agency is immune to the proliferation of complex attacks and malicious behavior. Ensuring database security is a priority for organizations interested in protecting sensitive data and passing audits. Over the course of this presentation, a description of sophisticated methods used in invading enterprise databases will be discussed, and the evolution of the security issues and features in each will be provided. A demonstration of new and popular attacks will also be presented. The presentation will conclude by proposing essential steps IT managers can take to securely configure, maintain databases, and defend against malicious breaches entirely.
Alex Rothacker is the Director of Security Research for Application Security, Inc.’s (AppSec) TeamSHATTER. In his role, Alex manages a team comprised of some of the world’s most renowned databases security researchers. TeamSHATTER is regularly credited for identifying critical database vulnerabilities and misconfigurations in leading database management systems. As an evangelist for database security, he is a regular speaker at security conferences and contributor to various security blogs. Before joining AppSec, Alex was a Director of Solutions at Visionics, a facial recognition software start-up. In addition, Alex has held various senior-level positions in the software industry. Alex holds an M.S. in Computer Science from New Jersey Institute of Technology and Diplom Informatiker(FH) from Fachhochschule Darmstadt (Germany).