Browsed by
Category: Security

An Oracle DBA’s Guide to Microsoft SQL Server Security

An Oracle DBA’s Guide to Microsoft SQL Server Security

In today’s world, it is quite common for companies to use more than one type of relational database platform to host enterprise applications.  If you are an old-time Oracle DBA like me and are asked to administer Microsoft SQL Servers in addition to Oracle databases, the task can be pretty daunting from a SQL Server security perspective.  In this blog, I will try to explain the differences and similarities between the Oracle and SQL Server security models.  The difference in…

Read More Read More

What is Kerberos Delegation? An Overview of Kerberos Delegation

What is Kerberos Delegation? An Overview of Kerberos Delegation

Kerberos Delegation and Usage Kerberos delegation has been around for a long time (Windows Server 2000 to be exact), but more often than not, when speaking to engineers who manage or work with Active Directory, they’re not familiar with all the various implementations of Kerberos delegation, their uses, and some ways they can be abused. What I find funny, is that most people confuse Kerberos delegation with delegated permissions. The practical usage of Kerberos delegation is to enable an application…

Read More Read More

Cybersecurity Predictions for 2020

Cybersecurity Predictions for 2020

It’s that time of the year again! As we roll into 2020 we’re proud to present our 4th edition of “STEALTHbits’ Experts Cybersecurity Predictions.” We asked eight of our top industry voices here at STEALTHbits their thoughts on what’s to come in the world of cybersecurity in the next 365 days! Read on and come back at the start of 2021 to see how we did. Ransomware Will Continue To Wreak Havoc Using the Same Old Tricks Ransomware attacks will…

Read More Read More

What is a Data Repository and What is it Used for?

What is a Data Repository and What is it Used for?

Online businesses are rapidly overtaking the revenue of brick-and-mortar businesses in today’s internet age. The changes brought forth by internet-driven communication are driving businesses to become data-driven organizations.  Organizations that master how to collect and manipulate data to their advantage will triumph over their competitors. The sheer volume of data being collected by businesses today goes beyond what traditional relational databases can handle, giving rise to a series of different data repositories – Relational Databases, Data Warehouses, Data Lakes, Data…

Read More Read More

PowerShell Tips and Tricks for Scripting Active Directory Test Environments

PowerShell Tips and Tricks for Scripting Active Directory Test Environments

In my role as a Technical Product Manager, I often find myself prepping demos, setting up test environments, and helping customers test and administrate their Active Directory environments with PowerShell. PowerShell, being the most efficient and ubiquitous method of management at scale in the Windows Server world, is my goto tool anytime I need to work with Active Directory. The vast majority of my Active Directory scripting these days is targeted at test, demo, and QA environments that frequently need…

Read More Read More

How to Identify Phishing Scams and Protect Against Them

How to Identify Phishing Scams and Protect Against Them

Phishing scams are a very common technique used by identity thieves to trick you into giving them your sensitive personal or financial information. Thieves will often impersonate actual companies like credit card companies, banks or online resources such as PayPal or Dropbox. It is a challenge to recognize what is real and what isn’t but there are a few things you can do to make yourself/your organization less susceptible to this type of scam. Traditional Approach Before we discuss a…

Read More Read More

Advanced Data Security Features for Azure SQL- Part 3: Advanced Threat Protection

Advanced Data Security Features for Azure SQL- Part 3: Advanced Threat Protection

In my last blog post, we took a look at the Vulnerability Assessment within the Advanced Data Security (ADS) offering for Azure SQL. In my final blog post of the series, we will take a deep dive into the Advanced Threat Protection features. VIEW PART 1 HERE VIEW PART 2 HERE Advanced Threat Protection for Azure SQL Databases provides administrators with immediate visibility into potential threats such as suspicious database activities, potential vulnerabilities, SQL injection attacks, as well as anomalous…

Read More Read More

Pragmatic Data Security Best Practices: Part 2

Pragmatic Data Security Best Practices: Part 2

The last post, we started discussing the importance of protecting Active Directory and your unstructured data. Today, we’ll continue our discussion with the next three data security best practices to ensure the security of your data. Pragmatic Data Security Best Practice #2: Monitor Activity Monitoring activity is an essential capability, but be careful not to bite off more than you can chew. The best way to make effective use of your monitoring efforts is to focus on specific scenarios you’d…

Read More Read More

Pragmatic Data Security Best Practices: Part 1

Pragmatic Data Security Best Practices: Part 1

Data security is a major issue for any company that has valuable information to protect. Breaches of that data can cost an organization dearly in the form of business disruption, loss of revenue, fines, lawsuits, and perhaps worst of all, the loss of trust between the organization and its customers and partners. But the challenge of securing all that data is daunting. It’s easy to lose sight of the fact that some small changes can have a major impact. Just…

Read More Read More

Advanced Data Security Features for Azure SQL- Part 2: Vulnerability Assessment

Advanced Data Security Features for Azure SQL- Part 2: Vulnerability Assessment

In my last blog post, we took a look at the Data Discovery & Classification features within the Advanced Data Security (ADS) offering for Azure SQL. In this blog post, we will take a deep dive into the Vulnerability assessment. The SQL Vulnerability assessment provides administrators with a streamlined approach to identify and even remediate potential security misconfigurations or vulnerabilities within their Azure SQL databases. The Vulnerability Assessment is a scanning service that contains a set of built-in rules based…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.