Posted by: kurtsh | April 1, 2010

WEBCAST: SQL Server Security, “Protecting your Data from the Application to the Database” by the SQL Security Team

image Ooh.  Cool presentation:  “Security Talk: Protecting Your Data from the Application to the Database”

The SQL Security Team’s Raul Garcia and Il- Sung Lee presented on SQL Security in this online webcast.  It’s a good 300-level discussion on how to secure SQL Server. Among other things, Raul has a nice demo of SQL injection and some discussion on how to mitigate it.

MSDN Webcast: Security Talk: Protecting Your Data from the Application to the Database (Level 300)

Event Overview
Securing a database is a difficult task and most efforts typically focus on locking down the server while still allowing authorized connections to occur. Application developers need to be security conscious also, not only because applications can be a target of attack, but also because applications can facilitate the further lockdown of the server.  

In this webcast, Il-Sung Lee and Raul Garcia discuss some of the considerations that both the application developer and the database administrator should consider to help increase data security. Topics they discuss include securing the network channel, using proper authentication, new authorization features introduced in Microsoft SQL Server 2005, execution contexts, database encryption, and common errors and problems related to Microsoft SQL Server security.

(The recorded presentation video as well as the Powerpoint deck (as a .PDF file) is available for download  from the on-demand site)

Posted in Uncategorized

«
»

Categories