Learning From Data Breaches, A Deeper Dive


Data security is hard. There’s a lot of information that’s out there it’s hard to know what to implement and what to skip over. In addition, it seems like we hear a lot about the numbers behind the data breaches, but not the technical details of how the breach occurred. However, it’s the latter that’s of value to those in information technology and information security.

In the previous webinar we focused on the specific technical issues which led to the breaches. However, mistakes will happen, zero days will be found, and oversights will happen. Also, people will trust something they shouldn’t, leading to a compromised system and account. As a result, we should expect that being breached is inevitable. Most information security professionals start with the already breached mindset, meaning they are putting a lot of energy into detecting illicit activity. In this webinar we’ll look at advanced techniques to prevent data breaches but we’ll also discuss techniques to detect unusual activity.

Not all unusual activity is malicious. In fact, most activity is benign. The key is to detect what’s not normal and then report on it for further action. In order to do so, we’ll take a look at what SQL Server gives us to be able to detect activity and how to process it in order to note the differences. The things we’ll discuss:

  • Changes to logins and users
  • Changes to server and database security
  • Changes to database objects
  • Login activity
  • Activity logging on sensitive objects

Interested in additional SentryOne webinars?  Check our webinar library.

Available On Demand

Kevin Kline

Kevin Kline

Principal Program Manager, SentryOne

Kevin (@kekline) serves as Principal Program Manager at SentryOne. He is a founder and former president of PASS and the author of popular IT books like SQL in a Nutshell. Kevin is a renowned database expert, software industry veteran, Microsoft SQL Server MVP, and long-time blogger at blogs.sentryone.com/author/kevinkline. As a noted leader in the SQL Server community, Kevin blogs about Microsoft Data Platform features and best practices, SQL Server trends, and professional development for data professionals.

Brian Kelley

Brian Kelley

Database Administrator / Architect, AgFirst Farm Credit Bank

Brian Kelley is an author, columnist, Certified Information Systems Auditor (CISA), accredited CISA trainer, and former Microsoft Data Platform (SQL Server) MVP (2009-2016) focusing primarily on SQL Server and Windows security. Brian currently serves as a data architect as well as an independent infrastructure/security architect concentrating on Active Directory, SQL Server, and Windows Server. He has served in a myriad of other positions including senior database administrator, data warehouse architect, web developer, incident response team lead, and project manager. Brian has spoken at 24 Hours of PASS, the Marathon of PASS, IT/Dev Connections, SQLConnections, the SSWUG Virtual Conferences, the Techno Security and Forensics Investigation Conference, the IT GRC Forum, SyntaxCon, and at various SQL Saturdays, Code Camps, and user groups.

Companies with the highest demands for database performance choose SentryOne