Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

apono

Scaling Least Privilege Access for Databases

May 28, 2024 By Rom Carmel In Apono
In today’s increasingly complex digital landscape, safeguarding sensitive data has never been more critical. Yet, many organizations grapple with balancing accessibility and security within their databases. Enter the concept of least privilege access, a pivotal strategy designed to minimize vulnerabilities by ensuring users have only the permissions essential for their role. However, scaling this principle across large-scale environments poses unique challenges and opportunities.
Read Post

Mastering SQL Injection : A Comprehensive Guide to SQL Map

May 27, 2024 By VISTA InfoSec In VISTA InfoSec
In this video we will learn about one of the most prevalent database threats today, SQL Injection attack which is a common method used by hackers to exploit vulnerabilities in web applications that interact with databases. Join us as we explore the inner workings of this malicious technique and understand how SQLMAP Tool, a powerful open-source penetration testing tool can be used to protect your data. With step-by-step examples and demonstrations, we will show how to install SQLMAP and take countermeasures.
View Video
CalCom

Ad Hoc Distributed Queries - SQL Server

Apr 17, 2024 By John Gates In CalCom
An ad-hoc query is an unscheduled data inquiry, typically created in response to questions that cannot be addressed using predetermined or predefined datasets. Ad hoc distributed queries utilize the OPENROWSET(Transact-SQL) and OPENDATASOURCE(Transact-SQL) functions for establishing connections with remote data sources employing OLE DB. It’s advisable to employ OPENROWSET and OPENDATASOURCE solely for referencing OLE DB data sources that are accessed on an occasional basis.
Read Post
keeper

How To Securely Manage Database Access for Remote Users

Apr 3, 2024 By Aranza Trevino In Keeper
The best way to securely manage database access for remote users is by using a Privileged Access Management (PAM) solution. PAM solutions provide full visibility and control over database access to prevent privilege misuse, reducing the likelihood of an insider threat harming your organization.
Read Post
jit

Enhance MongoDB Security for Atlas With Scalable Tenant Isolation

Apr 1, 2024 By Ariel Beck In Jit
As a company building a SaaS security product, our inherent culture is not only focused on building best of breed security products for our users, but also ensuring that our systems, practices and workflows are engineered to support a continuously evolving threat landscape, and to protect our users’ data. We’ve written about our design for tenant isolation for our serverless based architecture in the past, and practical methods to avoid data leakage between clients.
Read Post
obrela

Apache Superset - Database Data Retrieval Through Improper Error Handling

Mar 6, 2024 By Anastasios Stasinopoulos In Obrela
Anastasios Stasinopoulos from OBRELA LABS Team discovered a security flaw that affects Apache Superset (before 3.0.4, from 3.1.0 before 3.1.1), an open-source modern data exploration and visualization platform. Apache Superset error handling can be manipulated in order to allow data retrieval from the backend database.
Read Post
jumpcloud

How to Install PostgreSQL 16 on RHEL 9

Mar 1, 2024 By David Worthington In JumpCloud
PostgreSQL is one of the leading and widely used open source relational database management systems (RDBMS) that stores structured data in tables, just like MySQL. It is used by developers in their tech stacks and even by large enterprises and corporations to store website and application data. PostgreSQL uses SQL query language to store and manipulate data and also provides JSON support.
Read Post
veracode

Practical Steps to Prevent SQL Injection Vulnerabilities

Feb 26, 2024 By Jenny Buckingham In Veracode
In today's digital landscape, web applications and APIs are constantly under threat from malicious actors looking to exploit vulnerabilities. A common and dangerous attack is a SQL injection. In this blog, we will explore SQL injection vulnerabilities and attacks, understand their severity levels, and provide practical steps to prevent them. By implementing these best practices, you can enhance the security of your web applications and APIs.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.