Для улучшения сервиса и адаптации нашего сайта к индивидуальным потребностям пользователей мы используем информацию, зарегистрированную в файлах «cookies». Продолжая работу с сайтом, Вы соглашаетесь на сбор, изменение и сохранение в памяти Вашего устройства файлов «cookies». Вы можете изменить настройки касающиеся «cookies» в настройках браузера. OK

André Melancia "From Zero to Security Hero "

Другие интересные мероприятия

Вы зашли на страницу прошедшего мероприятия. Может быть, вас заинтересуют эти будущие мероприятия?

Билеты

Выберите количество билетов, которые вы хотите приобрести
Выберите количество билетов, которые вы хотите приобрести
Билеты на мероприятие "André Melancia "From Zero to Security Hero "" (19-05-2017 – 19-05-2017)
Продажа билетов закончилась 19 мая 2017 09:00
Продолжить »

О мероприятии

From Zero to Security Hero

Abstract:

You've just installed SQL Server. Do you trust the default installation? Is it "secure" enough for you? How easy is it to hack a SQL Server?

In this workshop we'll see a few examples on how to exploit SQL Server, modify data and take control, while at the same time not leaving a trace.

Most importantly, we'll also cover recommendations on how to avoid these attacks, discuss the recommended security best practices, and also take a look at the pros and cons of new security features in SQL Server 2016. Workshop suited for all audiences (DBA, Developer, SysAdmin). More exploits/recommendations may be covered (SQL Server 2016 seems to be full of surprises).

Objectives:

● Understanding how to bypass security on a typical installation of SQL Server, OS, network and storage;

● Securing the SQL Server and OS installation, including security best practices;

● Recommendations on SQL Server features that have security implications.

Contents:

During this training workshop, we will cover:

● How to hack a SQL Server, take control, access and change information, using multiple techniques;

● Protect against attacks, implementing network connection encryption using certificates, Always Encrypted, Transparent Data Encryption (TDE), Backup Encryption, etc.;

● Other features in SQL Server (Row Level Security, Dynamic Data Masking, Instant File Initialisation, etc.): How to hack them, and recommendations on if and when you should use them;

● Login and object security model best practices;

● Instance configuration best practices (covering the different editions and versions of SQL Server);

● Operating system hacking and security best practices (Windows, Linux, AD, virtualisation) that affect SQL Server;

● Knowing your client apps (business apps, websites, etc.): risks, exploits (SQL Injection, Social Engineering, etc.) and solutions;

● Security best practices in database cloud environments (Azure SQL Database, Azure VM with SQL Server, etc.);

● Other security recommendations.


Attendee's recommended pre-requisites:

● Audience: DBA, Developer, SysAdmin;

● Recommended: At least 6 months of regular experience with SQL Server (Database Engine);

● Attendees are encouraged to bring their laptops to follow along;

● SQL Server 2016 will be used, although earlier versions (2012 or 2014) will be sufficient in many cases.

About the trainer:

André Melancia Independent Developer/DBA/Consultant. Microsoft Certified Trainer (MCT) focusing on SQL Server, Azure and IoT. 17+ years' fun developing information and multimedia systems, DBA, project and IT management. PowerShell Portugal, IT Pro Portugal and IoT Portugal communities organiser. IPv6 Portugal, DNSSec Portugal and Windows Development Portugal online communities moderator. Actively volunteering, organising, speaking or just participating at community meetings and events like SQLSaturdays, SQLBits, SQLRelay, Maker Faire Lisbon, Arduino/Genuino Day Lisbon, Global Azure Bootcamp Lisbon, etc. Proud uncle and food devouring expert, with dangerous pussy cat as companion.

Go to http://Andy.PT and you'll know the same as the NSA...

LinkedIn: http://LinkedIn.COM/in/AndreMelancia

Twitter: @AndyPT

19
19 мая 2017
Пятница
начало в 10:00
Компьютерная академия "Шаг"
Украина, Киев
вулиця Жилянська 128/28

Организатор

Организатор: SQLSaturday Kyiv

Тел: +380637910063

Email: alesyazhook@gmail.com