52ky 发表于 2022-9-15 16:58:46

教你如何8步实现整体数据库安全

漏洞和配置评价,通过漏洞评价,得到的通常是一些详细的建议。这是加强数据库维护的第一步。加强维护的其他要素还包括删去不使用的一切功能和选项。一旦创建了加强了安全维护的配置,就必须继续跟踪它,确保您没有偏离您的“黄金”(安全)配置。可以通过改变统计工具来终结这一命令,这些工具可以对比配置的快照(在操作系统和数据库两个级别上),并在发作可能影响数据库安全的改变时,当即发布正告。关于通过及时检测侵/入和误用来限制信息露出,实时监控数据库流动非常主要。例如,DAM可以正告暗示着SQL注入攻击的反常访问模式、对财务数据的未授权更改、帐户特权提高,以及通过SQL命令执行的配置改变。监控特权用户也是SOX等数据管理法规和PCIDSS等数据隐私法规的一项请求。检测侵/入也很主要,由于攻击经常会让攻击者取得特权用户访问权限(比方通过由您的业务使用一切的凭据实现)。DAM也是漏洞评价的一个主要要素,由于它支持您逾越传统静态评价,以包括对“行为式漏洞”(比方多个用户共享特权凭据或许数据库登录失败次数过多)的动态评价。
教你如何8步实现全体数据库安全.pdf

(Vulnerability and configuration evaluation, through the vulnerability evaluation, usually get some detailed recommendations. This is the first step in enhancing database maintenance. Other elements of enhanced maintenance include removing any features and options that are not in use. Once a configuration with enhanced security maintenance has been created, it is imperative to keep track of it to ensure that you have not strayed from your "golden" (safety) configuration. This command can be terminated by changing statistics tools that can compare snapshots of the configuration (at both OS and database levels) and issue immediate warnings when changes occur that may affect database security. Real-time monitoring of database flows is essential with regard to limiting information exposure through timely detection of intrusions/intrusions and misuse. For example, DAM can warn of abnormal access patterns that imply SQL injection attacks, unauthorized changes to financial data, account privilege escalation, and configuration changes executed through SQL commands. Monitoring privileged users is also a requirement under data management regulations such as SOX and data privacy regulations such as PCIDSS. Intrusion detection is also important, as attacks often allow attackers to gain privileged user access (such as through credentials used by your business). DAM is also a key element of vulnerability assessments, as it allows you to go beyond traditional static assessments to include dynamic assessments of "behavioral vulnerabilities" such as multiple users sharing privileged credentials or too many failed database logins.
Teach you how to achieve overall database security in 8 steps.pdf)




页: [1]
查看完整版本: 教你如何8步实现整体数据库安全