Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night

Blog >Uncategorized

Browsed By
Category: Uncategorized

Installing SQL Server 2019 on Centos 8

Installing SQL Server 2019 on Centos 8

| Sujith Kumar | | Leave a Comment
Microsoft announced the release of SQL Server 2019 at Ignite 2019 with some exciting new features including Scalar UDF inlining, always-on connection, and Linux support. In my previous blog, I walked through the steps of integrating a Linux host running on CentOS 8 into a Windows Active Directory (AD) domain configured on Windows 2012 R2 Server Standard Edition. In this blog, I will be using the same AD domain joined CentOS 8 server to install and configure SQL Server 2019 for Linux. Whet…
Malware’s Growth During the COVID-19 Pandemic

Malware’s Growth During the COVID-19 Pandemic

| Dan Piazza | | Leave a Comment
If recent years have taught us anything about the intent of threat actors, it’s that no victim or circumstance is off limit when there’s a profit to be made. Throughout the year attackers have used COVID-19 to take advantage of victims’ fears of the virus, exploited new attack surfaces resulting from the increase in remote work, and even attempted to steal vaccine research. Earlier this year, it was reported that the FBI’s Internet Crime Complaint Center (IC3) has seen reports in cybercri…
Authentication, Authorization, Single Sign-On, & Federated Identity Explained

Authentication, Authorization, Single Sign-On, & Federated Identity Explained

Identity and access management (IAM) is a major part of day-to-day enterprise workflows, and with that often comes confusion around authentication, authorization, single sign-on, and federated identity. Let’s break each down in simple terms, which also apply to consumer workflows in addition professional environments. Authentication (AuthN) vs. Authorization (AuthZ) Authentication is confirming a user is who they say they are, when logging-in to an account, service, website, applicatio…
What Active Directory Groups Am I In?

What Active Directory Groups Am I In?

It’s often helpful to know which Active Directory groups your current user is a member of when joined to a domain. That information is typically easy to obtain, however you need to know where to look. For many, having a graphical UI is helpful for any task. While this isn’t the quickest way to locate your AD group membership, it’s the best way if you want to avoid the command line (i.e. PowerShell or Command Prompt). Let’s discuss several methods to achieve our goal, including via the …
What is the Difference Between an O365 E5 and an E3 License with Respect to Security Features?

What is the Difference Between an O365 E5 and an E3 License with Respect to Security Features?

Microsoft’s licensing can be a little confusing when it comes to figuring out exactly how many E5/E3 licenses you will need to actually leverage the security features associated with a given license. This blog is written with the assumption that you know what features you are interested in buying and/or at have a basic understanding of the O365 E3/E5 license suites security features. One of the main reasons I looked into this in the first place was to figure out how features which require…
PostgreSQL Server Security Primer

PostgreSQL Server Security Primer

| Sujith Kumar | | Leave a Comment
PostgreSQL or simply referred to as Postgres has had a very colorful history.  It began in 1986 as a POSTGRES project led by Professor Michael Stonebraker, which was sponsored by Defense Advanced Research Projects Agency (DARPA), the Army Research Office (ARO), the National Science Foundation (NSF), and ESL, Inc.   Postgres95 was released in 1994 for general use on the web which included support for SQL language interpretation.  In 1996, Postgres95 was officially renamed …
Lei Geral de Proteção de Dados Pessoais (LGPD Compliance) What You Need to Know About Brazil’s National Data Privacy Regulation

Lei Geral de Proteção de Dados Pessoais (LGPD Compliance) – What You Need to Know About Brazil’s National Data Privacy Regulation

| Dan Piazza | | Leave a Comment
It can be difficult to keep up with all the data privacy regulations across the globe, and failure to comply can result in heavy fines and other punishments. This growth of global data privacy laws represents major progress for consumer rights and gives organizations who comply a chance to earn trust from their customers. This brings us to the most recent major data privacy law to go into effect – Brazil’s Lei Geral de Proteção de Dados Pessoais (LGPD). Originally the regulation was set t…
Understanding Effective Access in SQL Server

Understanding Effective Access in SQL Server

| Sujith Kumar | | Leave a Comment
Microsoft SQL Server is the third most popular Relational Database Management System (RDBMS) as of September 2020 according to DB-Engines ranking.  It is also the most confusing RDBMS when it comes to database security compared to other popular RDBMS systems, such as Oracle, PostgreSQL, etc.  Having worked with Oracle for a very long time, I found SQL Server security very confusing when I started working with it for the first time.  Part of the complication stems from the fact…
What is an Insider Threat?

What is an Insider Threat?

| Farrah Gamboa | | Leave a Comment
September has been declared National Insider Threat Awareness Month (NITAM) through a joint venture between the National Counterintelligence and Security Center (NSC) and the National Insider Threat Task Force (NITTF).  The goal of this effort is to educate organizations and their employees on the threat, helping them understand how it can occur through both intentional and unintentional means, and to help employees recognize and report unusual behavior. This is amidst a particularly…
Scanning for Sensitive Data in Snowflake with Stealthbits AnyData

Scanning for Sensitive Data in Snowflake with Stealthbits AnyData

Having multiple public/private clouds and data repositories has become ubiquitous in professional environments. For most, gone are the days of storing all data on local filers or even in a limited set of online repositories. The reality is that each organization’s sensitive data is being stored in many cloud databases, object storage repos, SMB implementations, version control, CRM software, and more. These days the list seems to be never-ending – Azure Storage, GitHub, Snowflake, Salesfo…

Subscribe

DON’T MISS A POST. SUBSCRIBE TO THE BLOG!

 

Loading

© 2020 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL