SQL Server Attack Ride-Along: Detecting and Investigating a Database Attack

Presented by

Nick Cavalancia (Technical Evangelist, Microsoft MVP & CEO of Conversational Geek), Jordan Jasnoch (Solutions engineer)

About this talk

Did you know that a botnet called Vollgar is hijacking thousands of SQL servers every single day? Even worse, Vollgar is just one of some 30 cryptocurrency mining botnets operating today, and these campaigns often go undetected for days or even weeks. These attacks highlight how vulnerable database servers are — and how easily they serve as a launching point for additional malicious activity in the network. Fortunately, there are effective defense strategies. Join this real-training-for-free session to learn what you need to know to protect your organization. First, Microsoft MVP and cybersecurity expert Nick Cavalancia will explain exactly why SQL Servers make such great initial attack vectors and describe the tactics and techniques that adversaries use once they have established access. Then Jordan Jasnoch, SQL Server expert and solutions engineer at Netwrix, will dive into how you can protect your critical SQL Server data. He’ll walk you through an attack and how you can spot the tracks it leaves in the logs, including OS changes, modifications of database configuration and elevation of database privileges. Moreover, he’ll provide key best practices for hardening the security of your SQL servers so you can proactively block attacks.

Related topics:

More from this channel

Upcoming talks (9)
On-demand talks (156)
Subscribers (4497)
Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach. Our solutions also limit the impact of attacks by helping IT teams detect, respond and recover from them faster and with less effort. Over 13,000 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.