This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

SQL Server Forensics 2.0

From OWASP
Revision as of 06:53, 24 July 2009 by Dhruvsoi (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Many forensics investigations lead to the discovery that a SQL Server database might have been breached. If investigators cannot assess and qualify the scope of an intrusion, they may be forced to report it publicly – a disclosure that is painful for companies and customers alike. There is only one way to avoid this problem: Learn the skills needed to qualify and investigate SQL Server intrusions.

This session will provide you an overview of how to collect and preserve artifacts from the published and unpublished repositories of Microsoft SQL Server and how these artifacts can be analyzed to confirm or discount a database intrusion. We’ll also review techniques that can be used to qualify the actions that were performed by an unauthorized database user.

Retrieved from "https://wiki.owasp.org/index.php?title=SQL_Server_Forensics_2.0&oldid=66475"