SANS Institute Review: Oracle Database Vault

by Tanya Baccam
Sept. 1, 2017 0 comments SANS Institute Pen Testing & Audits application and database security

In today’s world, despite layered protections, intruders, insiders and financially-motivated attackers will try to exploit privileged accounts to access sensitive application data. When it comes to the database, this includes abuse of privileged user accounts that have the powerful Database Administrator (DBA) role. Because of the extensive access given to such accounts, damage done by attackers using privileged accounts often is the hardest to detect and the most extensive. This is why controlling the use of administrative access is number eight on the list of SANS 20 Critical Security Controls V3.0, updated in August, 2011.1