I am convinced that if we were really monitoring our databases there would be fewer data hacks in the news each month. But security analysts often face an uphill battle when it comes to getting visibility into databases. Database admins are understandably very conservative about anything that could impact the performance, availability or integrity of the organization's data. That's good; that's their job.
But if you are running SQL Server 2008 or later you can have it all. Gone are the days of SQL Trace and C2 Auditing which gave auditing such a bad name in the minds of DB admins.
If you think the Windows Security Log is valuable, wait till you see SQL 2008+'s audit capability.
Please invite your DB admins to this webinar. My goal is to show DB admins and security analysts the awesome detection capabilities you can take advantage of to detect data theft and tampering without the risk of adversely impacting SQL Server or the applications and business processes that depend on it.
There are many ways to use SQL audit – it's extremely flexible and granular. You can audit just the actions on just the objects for just the accounts you wish. The big difference between the Windows Security Log and SQL Audit is your ability to squelch the noise in SQL Audit. In Windows Audit you can't prevent it from being generated.
In this webinar I will show you how
- SQL audit works. How to enable it. How to control what gets logged, etc.
- To ensure performance isn't impacted
- While generating the events
- Or with collection of logs. In fact, log collection won't even touch the production SQL server. I mean ZERO touch. No agents, no polling, no inbound connections.
- How to integrate it with your SIEM
- Key events to monitor
- How to lay traps that are sure to be tripped by external attackers that make it into your database server
Please join me for this real training for free ™ webinar. And don’t forget to invite your DB admins.