Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
3 www.appsecinc.com
What Do The Numbers Tell Us?
84 56 73
Percent of Percent of the same Percent of
companies that feel companies that companies that
database security is experienced a predict database
adequate breach in the last 12 attacks will increase
months
4 www.appsecinc.com
The Threats to Enterprise Data Continue to Rise
Perimeter security
measures are necessary
but not sufficient
5 www.appsecinc.com
Databases Account For 92% of Stolen Records!
Database
$138
Laptop
Mail Server
6 www.appsecinc.com
More Numbers - Overview
Others 4%
Financial Services 96%
Source: Verizon 2010 Data Breach Investigation Report
8 www.appsecinc.com
Database Breach Settlements
9 www.appsecinc.com
Databases and Data Breaches More Stats
11 www.appsecinc.com
Emerging Database Threats
Sophisticated attacks that exploit un-patched
vulnerabilities
Double or triple encrypted SQL-injection attacks that
render web-application firewalls virtually useless
Insider attacks
The Insider Threat
Insider mistakes
Advanced identity theft via database rootkits
Increasingly sophisticated social engineering leading to
full-blown database disclosures
Weak or non-existent audit controls
Powerful self-propagating attacks distributed via
infection kits on legitimate websites and other creative
means
12 www.appsecinc.com
Common Database Threats
13 www.appsecinc.com
Database Vulnerabilities
Patchable
Vulnerabilities
Misconfigurations
Default & Weak
& Excessive
Passwords
Privileges
14 www.appsecinc.com
Database Vulnerabilities: Default Accounts
Databases have their own user accounts and passwords
16 www.appsecinc.com
Database Vulnerabilities: Misconfigurations
Misconfigurations can make databases vulnerable
External Procedure Service
Privilege to grant Java permissions
Default HTTP Applications
Privilege to Execute UTL_FILE Permissions granted on xp_cmdshell
CREATE_NOT_FENCED privilege
granted (allows logins to create SPs)
18 www.appsecinc.com
Recap: Emerging Database Threats
Sophisticated attacks that exploit un-patched
vulnerabilities
Double or triple encrypted SQL-injection attacks that
render web-application firewalls virtually useless
Insider attacks
Insider mistakes
Advanced identity theft via database rootkits
Increasingly sophisticated social engineering leading to
full-blown database disclosures
Weak or non-existent audit controls
Powerful self-propagating attacks distributed via
infection kits on legitimate websites and other creative
means
19 19 www.appsecinc.com
Database Security
Leading Practice
Key Objectives
21 www.appsecinc.com
Leading Practices: Stopping the Attack
Key Findings
Half of the insiders had authorized access
to the systems/networks at the time of the
incidents.
Over half of the insiders used relatively
sophisticated tools or methods for their illicit
activities.
Over half of the insiders exploited systemic
vulnerabilities in applications, processes,
and/or procedures.
22 www.appsecinc.com
Leading Practices: Stopping the Attack
Implications
Apply the principle of least privilege giving users only the access they
need to do their jobs separation of duties
Eliminate weak or default passwords on systems
Maintain role-based access controls and disable access after an
employee changes positions within a company
Formal policies and procedures for disabling access upon an
employees termination or resignation should be established and
followed
Procedural and technical controls should be established for system
administrator functions
Periodic account audits should be conducted to check for unneeded or
unauthorized accounts, including: Remote access accounts, login
accounts, DBA accounts, application, customer, and company accounts
23 www.appsecinc.com
How to Protect Against Attacks
24 www.appsecinc.com
How to Protect Against Attacks
25 www.appsecinc.com
How to Protect Against Attacks
26 www.appsecinc.com
Data Security Life Cycle
Lifecycle Purpose
Component
27 www.appsecinc.com
Bringing it All Together Entities | Relationships | Data
Classify
Discover Values are based on
Who, What, Where, and interrelationships and
How They are Involved level of criticality
Network
Operating
System
Monitor
Alert for any Application Assess
deviation from the Pinpoint weakest
established baseline link in the chain
Middleware
Fix
Database
Prioritize
Remediation efforts are
Viable remediation and
ranked based upon their
compensating controls are
value and criticality
applied along with new baselines
28 www.appsecinc.com
Database Auditing
Leading Practice
Key Objectives
30 www.appsecinc.com
Relational Database Environments
31 www.appsecinc.com
Security as Part of the Audit
32 www.appsecinc.com
Security as Part of the Audit
33 www.appsecinc.com
Security Architecture and Design
34 www.appsecinc.com
Database Audit Initial Planning
35 www.appsecinc.com
OS Considerations for Database
36 www.appsecinc.com
Database Vulnerability Testing
Vulnerability tests
OS probes for known vulnerabilities
Identify vulnerable TCP/IP connections
Database probes for known weaknesses and vulnerabilities
Specific tests for default accounts and weak passwords
Manual Scripts versus Automation
AppDetectivePro
37 www.appsecinc.com
Database Security Standards
38 www.appsecinc.com
Major Components of Database Auditing
5. Change Auditing
Establish a baseline policy for database; configuration, schema, users,
privileges and structure, then track deviations from that baseline
39 www.appsecinc.com
Database Users and Passwords Common Issues
40 www.appsecinc.com
Database Objects Common Issues
41 www.appsecinc.com
Database Objects Common Issues
42 www.appsecinc.com
Database Users Segregation of Duties Audit
43 www.appsecinc.com
Database Change Control
44 www.appsecinc.com
Database Audit Trail Issues
45 www.appsecinc.com
Advantages of Off-database Auditing
46 www.appsecinc.com
Compensating Controls - Monitoring
47 www.appsecinc.com
Wrap Up
48 www.appsecinc.com
Questions?
Vulnerabilities?
Locking down the
database?
Email our security experts at:
asktheexpert@appsecinc.com
49 www.appsecinc.com