Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mastering SQL Injection : A Comprehensive Guide to SQL Map

May 27, 2024 By VISTA InfoSec In VISTA InfoSec
In this video we will learn about one of the most prevalent database threats today, SQL Injection attack which is a common method used by hackers to exploit vulnerabilities in web applications that interact with databases. Join us as we explore the inner workings of this malicious technique and understand how SQLMAP Tool, a powerful open-source penetration testing tool can be used to protect your data. With step-by-step examples and demonstrations, we will show how to install SQLMAP and take countermeasures.
View Video
CalCom

Ad Hoc Distributed Queries - SQL Server

Apr 17, 2024 By John Gates In CalCom
An ad-hoc query is an unscheduled data inquiry, typically created in response to questions that cannot be addressed using predetermined or predefined datasets. Ad hoc distributed queries utilize the OPENROWSET(Transact-SQL) and OPENDATASOURCE(Transact-SQL) functions for establishing connections with remote data sources employing OLE DB. It’s advisable to employ OPENROWSET and OPENDATASOURCE solely for referencing OLE DB data sources that are accessed on an occasional basis.
Read Post
keeper

How To Securely Manage Database Access for Remote Users

Apr 3, 2024 By Aranza Trevino In Keeper
The best way to securely manage database access for remote users is by using a Privileged Access Management (PAM) solution. PAM solutions provide full visibility and control over database access to prevent privilege misuse, reducing the likelihood of an insider threat harming your organization.
Read Post
jit

Enhance MongoDB Security for Atlas With Scalable Tenant Isolation

Apr 1, 2024 By Ariel Beck In Jit
As a company building a SaaS security product, our inherent culture is not only focused on building best of breed security products for our users, but also ensuring that our systems, practices and workflows are engineered to support a continuously evolving threat landscape, and to protect our users’ data. We’ve written about our design for tenant isolation for our serverless based architecture in the past, and practical methods to avoid data leakage between clients.
Read Post
obrela

Apache Superset - Database Data Retrieval Through Improper Error Handling

Mar 6, 2024 By Anastasios Stasinopoulos In Obrela
Anastasios Stasinopoulos from OBRELA LABS Team discovered a security flaw that affects Apache Superset (before 3.0.4, from 3.1.0 before 3.1.1), an open-source modern data exploration and visualization platform. Apache Superset error handling can be manipulated in order to allow data retrieval from the backend database.
Read Post
jumpcloud

How to Install PostgreSQL 16 on RHEL 9

Mar 1, 2024 By David Worthington In JumpCloud
PostgreSQL is one of the leading and widely used open source relational database management systems (RDBMS) that stores structured data in tables, just like MySQL. It is used by developers in their tech stacks and even by large enterprises and corporations to store website and application data. PostgreSQL uses SQL query language to store and manipulate data and also provides JSON support.
Read Post
veracode

Practical Steps to Prevent SQL Injection Vulnerabilities

Feb 26, 2024 By Jenny Buckingham In Veracode
In today's digital landscape, web applications and APIs are constantly under threat from malicious actors looking to exploit vulnerabilities. A common and dangerous attack is a SQL injection. In this blog, we will explore SQL injection vulnerabilities and attacks, understand their severity levels, and provide practical steps to prevent them. By implementing these best practices, you can enhance the security of your web applications and APIs.
Read Post
CalCom

How SQL Server Audit is Your Secret Security Weapon

Feb 19, 2024 By John Gates In CalCom
The SQL Server Audit object gathers individual occurrences of server or database-level actions and sets of actions for monitoring purposes. This audit operates at the SQL Server instance level, allowing for multiple audits per instance. Upon defining an audit, you designate the destination for result output. Before beginning a SQL Server audit pay attention to the limitations and restrictions associated with database audit specifications.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.