If most of your key data is stored in a database, has your supplier given you every confidence in its privilege model, built-in triggers, stored procedures and packages as well as any custom object you have created?
Our training courses cover Oracle, MSSQL, MySQL, DB2 and Informix, and give you a practical, holistic approach to attacking any database.
Over the last six years our consultants have been providing specialist expertise in database assessment, running courses at Blackhat, and writing assessment tools to expand on those currently in circulation, such as our Oracle Attack Platform
- Testing Database Authentication
- Mapping the database
- Auditing permissions on built-in tables, procedures and other objects
- Locating vulnerabilities in user-defined objects
- Exploiting built-in objects to access the filesystem, OS and network
- Recent vulnerabilities in databases
This course has a highly practical focus, featuring a range of databases and technologies, numerous applications, and a 'capture the flag' exercise.
To find out more about the course syllabus or to create a more bespoke course, please contact us.