SQL Server

Do You Know What Your Database Users Are Doing?

By Alex RothackerIn our last column, we focused on privilege escalation attacks, and the impact that this category of  SQL injection attacks can have on the database – particularly where specific database vulnerabilities exist, and can be exploited through the manipulation of privileges. Let’s look more deeply at how organizations struggle with the issue of extensive privileges assigned directly to users – or indirectly through user groups. We’ll address what can happen when database users are over-credentialed, and what should be done to ensure you are aware of all activity that is occurring in your environment.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.