Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

web application, data classification and database security

from [test . future] Network Security [Permanent Link]
Subject: web application, data classification and database security
Date: 26 Sep 2006 08:11:08 -0000 
Dear all,

In our organization, after several years of integration effort, now our 
database is integrated to one physical box. The web applications which require 
database access are all intranet with login. However, things change. Now we are 
developing internet web apps which need database access also, some require 
login, some not. We are also developing intranet no-login apps with database 
access. The DBA is very much concerned with the security of the database. 
Should we segregate internet and intranet application infrastructure? That 
means one set of web server, app server and database server for internet apps, 
another set for intranet apps. Or should we classify the apps based on whether 
they need login? Or data criticality classification? What's the industry best 
practices? Thanks for any advice. 

-------------------------------------------------------------------------
Sponsored by: Watchfire

It's been reported that 75% of websites are vulnerable to attack. That's 
because hackers know to exploit weaknesses in web applications. 
Traditional approaches to securing these assets no longer apply. Download 
the "Addressing Challenges in Application Security" whitepaper today, and 
see for yourself.

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmw
--------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Ruxcon 2006, cfp
Next by Date:  XML Port Scanning, Paul Theriault
Previous by Thread:  Ruxcon 2006, cfp
Next by Thread:  Re: web application, data classification and database security, test . future
Indexes:  [Date] [Thread] [Top] [All Lists]