Cyber Security
Database
| Threat | Mitigation | Example |
| --- | --- | --- |
| SQL Injection: attacking software and databases | Use parameterized queries and stored procedures | SELECT * FROM users WHERE id = ? |
| Excessive Privileges | Grant the least privileges required | GRANT SELECT ON users TO readonly_user; |
| Unencrypted Data at Rest: stolen data files and disk space | Use TDE or disk-level encryption | Enable Transparent Data Encryption (TDE) |
| Unencrypted Data in Transit | Use SSL/TLS connections | jdbc:postgresql://host/db?ssl=true |
| Improper Backup Security | Encrypt backups and restrict access | gpg --encrypt backup.sql |
| Weak Authentication | Enforce password complexity policy | |
| Missing Patches | Apply regular database security patches | Apply Oracle CPU patches quarterly |
| Misconfigured Database Services | Disable unused services and ports | Disable remote access for development DBs |
| Audit Logging Disabled | Enable logging and monitor regularly | |
| Exposure of Metadata | Restrict access to system tables/views | |
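The first row of the table, parameterized queries against SQL injection, is easiest to understand by running the unsafe and the safe lookup side by side. The following is an added example (not part of the original cheat sheet) using Python's built-in sqlite3 module and a constructed three-row users table; the function names and sample data are assumptions made for the demonstration.

```python
import sqlite3


def make_users_db() -> sqlite3.Connection:
    """Constructed sample data: an in-memory stand-in for a production users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (id, name, email) VALUES (?, ?, ?)",
        [
            (1, "alice", "alice@example.com"),
            (2, "bob", "bob@example.com"),
            (3, "carol", "carol@example.com"),
        ],
    )
    return conn


def lookup_user_vulnerable(conn: sqlite3.Connection, user_id: str) -> list:
    """Anti-pattern: the caller-supplied value is spliced into the SQL text,
    so the database parses it as part of the query, not as a value."""
    sql = "SELECT id, name FROM users WHERE id = '" + user_id + "'"
    return conn.execute(sql).fetchall()


def lookup_user_safe(conn: sqlite3.Connection, user_id: str) -> list:
    """Parameterized query: the driver binds the value to the '?' placeholder,
    so it can only ever be compared against the id column, never executed."""
    return conn.execute(
        "SELECT id, name FROM users WHERE id = ?", (user_id,)
    ).fetchall()


def compare(user_id: str) -> dict:
    """Run both lookups on the same input and report how many rows each returns."""
    conn = make_users_db()
    return {
        "vulnerable_rows": len(lookup_user_vulnerable(conn, user_id)),
        "safe_rows": len(lookup_user_safe(conn, user_id)),
    }


if __name__ == "__main__":
    # A benign id behaves the same in both versions; a value that is not a
    # plain id returns every row through string concatenation but nothing
    # through the bound parameter.
    print(compare("2"))
    print(compare("' OR '1'='1"))
```

The point to take from the output is not the specific input but the mechanism: with a bound parameter the database never re-parses the query, so the result set cannot change shape no matter what the caller sends.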
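Three of the remaining rows (least privilege, audit logging, and restricting access to system tables) can be shown together in one runnable piece of code. This is an added example, not code from the original cheat sheet: SQLite has no roles or GRANT statement, so a connection-level authorizer stands in for a read-only database role such as the readonly_user above, and the wrapper's own log stands in for server-side audit logging. The class and function names and the sample rows are assumptions made for the demonstration.

```python
import sqlite3

# SQLite's schema catalogue plays the role of the "system tables/views" row.
SYSTEM_TABLES = {"sqlite_master", "sqlite_schema", "sqlite_temp_master"}
READ_ACTIONS = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ, sqlite3.SQLITE_FUNCTION}


def seed_users_db() -> sqlite3.Connection:
    """Constructed sample data; seeding happens before any restriction is applied."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])
    return conn


def readonly_authorizer(action, arg1, arg2, db_name, trigger) -> int:
    """Least privilege: permit SELECT/READ on application tables only.
    Everything else (INSERT, UPDATE, DELETE, DDL, PRAGMA) is denied, and
    reads of the schema catalogue are denied to limit metadata exposure."""
    if action == sqlite3.SQLITE_READ and arg1 in SYSTEM_TABLES:
        return sqlite3.SQLITE_DENY
    if action in READ_ACTIONS:
        return sqlite3.SQLITE_OK
    return sqlite3.SQLITE_DENY


class AuditedConnection:
    """Wraps a connection: every statement is recorded with its outcome, and
    an optional authorizer restricts the connection to a read-only role."""

    def __init__(self, conn: sqlite3.Connection, readonly: bool = True):
        self.conn = conn
        self.audit_log = []  # one entry per attempted statement, allowed or denied
        if readonly:
            conn.set_authorizer(readonly_authorizer)

    def query(self, sql: str, params=()) -> dict:
        try:
            rows = self.conn.execute(sql, params).fetchall()
            result = {"ok": True, "rows": rows}
        except sqlite3.DatabaseError as exc:
            # A denied action surfaces as "not authorized"; record it rather
            # than let the attempt vanish silently.
            result = {"ok": False, "error": str(exc)}
        self.audit_log.append({"sql": sql, "ok": result["ok"]})
        return result

    def denied_statements(self) -> list:
        """What a monitoring job would review: attempts the role was not allowed."""
        return [e["sql"] for e in self.audit_log if not e["ok"]]


if __name__ == "__main__":
    db = AuditedConnection(seed_users_db())
    print(db.query("SELECT id, name FROM users WHERE id = ?", (2,)))
    print(db.query("DELETE FROM users"))
    print(db.query("SELECT name FROM sqlite_master"))
    print(db.denied_statements())
```

In a real deployment the same three ideas map onto the server's own features: a database role with SELECT-only grants, the server's audit log shipped to a monitoring system, and revoked access to catalogue views; the wrapper above only makes the behaviour visible without a server.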
Dr. Ghoniem Lawaty
Tech Evangelist @TechHuB Egypt