Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

How I Would Attack SQL Server

PASS Data Community Summit via YouTube

Start learning Write review
Boot.dev Ad

Stuck in Tutorial Hell? Learn Backend Dev the Right Way

Learn More → DataCamp Ad

AI Engineer - Learn how to integrate AI into software applications

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore the mindset of a motivated adversary targeting SQL Server in this conference talk from PASS Data Community Summit. Delve into traditional and non-traditional weak points, discovery methods, exploitation techniques, and cover-up strategies. Learn about compensating for unfixable weaknesses through detection and response, and understand how attackers might counter these measures. Gain insights into attack strategies like phishing, spear phishing, and SQL injection. Discover the importance of least privilege, auditing, extended events, and selective neglect in defending against attacks. Understand attacker motivations, including data extraction, sabotage, lateral movement, and system compromise. Acquire practical knowledge on securing both production and non-production environments to keep adversaries at bay.

Syllabus

Introduction
SQL Server Community
Brian Kelley
The Weak Link
Phishing
spear phishing
attack strategy
what can you do
least privilege
auditing
extended events
selective neglect
motivation
extract files
sabotage
lateral movement
compromise
how to keep you out
nonproduction
solution
SQL Injection

Taught by

PASS Data Community Summit

Reviews

Start your review of How I Would Attack SQL Server

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.