This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "SQL Server Forensics 2.0"
(Created page with 'Many forensics investigations lead to the discovery that a SQL Server database might have been breached. If investigators cannot assess and qualify the scope of an intrusion, the…') |
|||
| Line 1: | Line 1: | ||
Many forensics investigations lead to the discovery that a SQL Server database might have been breached. If investigators cannot assess and qualify the scope of an intrusion, they may be forced to report it publicly – a disclosure that is painful for companies and customers alike. There is only one way to avoid this problem: Learn the skills needed to qualify and investigate SQL Server intrusions. | Many forensics investigations lead to the discovery that a SQL Server database might have been breached. If investigators cannot assess and qualify the scope of an intrusion, they may be forced to report it publicly – a disclosure that is painful for companies and customers alike. There is only one way to avoid this problem: Learn the skills needed to qualify and investigate SQL Server intrusions. | ||
| − | + | ||
This session will provide you an overview of how to collect and preserve artifacts from the published and unpublished repositories of Microsoft SQL Server and how these artifacts can be analyzed to confirm or discount a database intrusion. We’ll also review techniques that can be used to qualify the actions that were performed by an unauthorized database user. | This session will provide you an overview of how to collect and preserve artifacts from the published and unpublished repositories of Microsoft SQL Server and how these artifacts can be analyzed to confirm or discount a database intrusion. We’ll also review techniques that can be used to qualify the actions that were performed by an unauthorized database user. | ||
Latest revision as of 06:53, 24 July 2009
Many forensics investigations lead to the discovery that a SQL Server database might have been breached. If investigators cannot assess and qualify the scope of an intrusion, they may be forced to report it publicly – a disclosure that is painful for companies and customers alike. There is only one way to avoid this problem: Learn the skills needed to qualify and investigate SQL Server intrusions.
This session will provide you an overview of how to collect and preserve artifacts from the published and unpublished repositories of Microsoft SQL Server and how these artifacts can be analyzed to confirm or discount a database intrusion. We’ll also review techniques that can be used to qualify the actions that were performed by an unauthorized database user.
