This resource is no longer available

Database Security for Security Professionals


Information security professionals may be intrigued by emerging database security technologies like database access monitoring (DAM), but those protections are of little use without a solid understanding of the fundamentals of database design and management, context many infosec pros lack. This video offers an overview of key concepts of relational database management, including terminology, rules, and referential integrity, painting a clear picture of how database security fits within the database management paradigm. Other key concepts include:

  • Structured Query Language and its three major components
  • Variance of logs across databases
  • Auditing vs. database activity monitoring (DAM)
  • Factors when evaluating a DAM tool
  • Database vulnerability assessment


Rich Mogull Analyst and CEO, Securosis LLC

Rich Mogull has twenty years experience in information security, physical security, and risk management. He specializes in data security, application security, emerging security technologies, and security management. Prior to founding Securosis, Rich was a Research Vice President at Gartner on the security team where he also served as research co-chair for the Gartner Security Summit. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator.

Guardium, an IBM Company
20 Apr 2010

This resource is no longer available.