David is an Information Security Architect, and CISSP qualified. He has worked with Percona since 2013 and has over 17 years' experience in DevOps, databases and security. David is a Ju-Jitsu instructor, assistant scout leader and also volunteers at a local secondary school to teach kids computing.
A critical piece of your infrastructure is the database tier, yet people don't pay enough attention to it, judging by how many are bitten by poorly chosen defaults or just a lack of understanding of how to run a secure database tier. In this talk, I'll focus on MySQL/MariaDB, PostgreSQL and MongoDB, and cover external authentication, auditing, encryption, SSL, firewalls, replication, and more gems from over a decade of consulting in this space from Percona's 4,000+ customers.
In this talk, we take a look at the whole stack, and I don't just mean LAMP.
We'll cover what an attack surface is and some areas you may look at to ensure
that you can reduce it.
What's an attack surface?
Acronym Hell, what do they mean?
Vulnerability naming: is this media naming stupidity or driving the message?
Detection, Prevention and avoiding the boy who cried wolf.
Emerging technologies to keep an eye on or even implement yourself to help
improve your security posture.
A live compromise demo (or backup video if something fails) which covers
compromising a PCI compliant network structure to reach the database system
and ultimately exploit multiple failures to gain bash shell access over the