Archive: May 2012

Common Database Vulnerabilities and Misconfigurations

I recently attended the MIS Training Institute’s Infosec Conference held in Orlando, Florida and sat in on a presentation by Josh Shaul, Chief Technology Officer with Application Security Inc.  The topic of the presentation was the top 10 most common database vulnerabilities and misconfigurations. I felt that the information was not only relevant to providing assurance of database systems security when auditing, but also provided a glimpse of some of the most common and sophisticated attack methods used to invade enterprise databases, and I wanted to pass along a few of the more important points.

Read More

Too many SSAE 16 audit detours?

  Does your Auditor offer: fixed fees? NO out-of-pocket expenses? a declining fee structure? over 250 SOC Audits of experience? the draft report within 10 days of completion? responds to your calls and emails on the same day?   If your current CPA firm is not meeting these standards,…

Read More