In this course you will learn how to secure open source and commercial database platforms against modern threats and attack vectors. This course includes a mix of conceptual lectures and detailed screencasts outlining all the steps involved with conducting test attacks and subsequently securing your database platforms.
Table of Contents
Lessons 1 – 4 - Database Security Core - Here we will cover modern database security architectures, attack vectors and security threats. You will learn how to design database defense in depth architectures utilizing a combination of preventive, corrective and detective controls.
Lesson 5 – Platform Hardening – Minimizing the attack surface area of operating systems, databases and applications is a key tenet of operational security. Let’s talk about techniques for OS/DB and App hardening.
Lesson 6 – MySQL Security Lab Build out – In this Lesson you will learn how to build your own MySQL Security Lab environment using Oracle VirtualBox.
Lesson 7 – My SQL Architecture and Exploits – After building out your MySQL Security Lab I will explain the MySQL Security Architecture and show you how to attack MySQL Database installations.
Lesson 8 – Locking Down MySQL – You will learn how to effectively secure MySQL Database installations using industry best practices and techniques.
Lesson 9 – Oracle Exploitation and Security Best Practices – You will learn how to build an Oracle Database Security Lab environment as well as how to exploit and secure Oracle Databases from modern threats and attack vectors.
Lesson 10 – PostgreSQL Architecture, Exploits and Hardening – You will learn PostgreSQL’s Security architecture and how to exploit and secure PostgreSQL Databases from modern threats and attack vectors.
Lesson 11 – Storage Encryption - Storage Security has more moving parts than ever, especially considering the convergence of IP and Storage Networking technologies. In this section we will talk about how to secure data at rest on Storage Area Networks, NAS and local systems.
Lesson 12 – Key Management - Any encryption is only as good as the protection of its keys. In this section you will learn about encryption key management procedures and best practices.
Lesson 13 - Locking Down Big Data - Big Data is a broad term for data sets so large or complex that traditional data processing applications are inadequate. Big data is defined by significant data volume, variety and volume. With the aggregation of these large data sets comes new security challenges. In this lesson you will learn how to secure Big Data. Linux Live Response - In this lesson you will learn how to statically compile forensic response tools in Linux to be used to conduct a live response of another Linux system.