TT8700: Securing Databases: Practical Database Security Skills for Safer Systems
About this Course
Securing Databases: Practical Skills for Safer Systems is an expert-led course
designed for database administrators, developers, technical leaders, and stakeholders
who are responsible for protecting data in enterprise environments. As organizations
place greater reliance on data to drive operations and decision-making, and as
compliance requirements grow more demanding, securing your databases is no longer
optional. This two-day course will provide you with the knowledge and practical skills
needed to identify threats, reduce vulnerabilities, and protect the confidentiality,
integrity, and availability of your data systems. This is a lecture and follow-along demo style
class where our security expert will walk you through practical skills and techniques you
can mirror in real time, hands-on, on your machine.
You will begin by exploring the foundations of bug hunting, including how and why to
identify vulnerabilities in a safe, ethical, and effective manner. You will gain a solid
grounding in core information security principles as they apply to databases and learn
how to fingerprint database systems, understand data flow paths, and evaluate data
validation practices.
Throughout the course, you will examine key database security concerns and build
hands-on skills to secure data at rest and in motion. You will learn how to classify and
inventory assets, manage privileges based on business value, and apply boundary
defenses to help contain potential threats. You will also gain strategies to ensure
continuity of service in the event of disruptions or attacks.
The course will help you recognize and respond to a wide range of database-specific
vulnerabilities. You will analyze injection attacks, weak authentication and access
control, insider threats, and the dangers of insecure data handling. You will also explore
how malware and ransomware can target database systems and how inadequate third-
party security practices can open new risks. Cryptography fundamentals and
compliance alignment will be covered to help you strengthen your defenses and meet
internal and external security expectations.
By the end of this class, you will have the tools and perspective to approach database
security with confidence. You will learn to identify and prioritize risks, implement layered
security models, detect vulnerabilities, and respond to incidents using structured and
sustainable methods. Whether your goal is to meet compliance mandates or to build a
more secure data environment, this course will help you make smart, security-focused
decisions that support your mission and protect what matters most.
NOTE: While the focus of this course is on securing databases, it is important to
understand that databases are rarely targeted in isolation. Most real-world attacks begin at connect to the data. This class is application framework agnostic,
but in order to demonstrate how vulnerabilities like injection actually unfold in context,
we use a simple ASP.NET (C#) web application as the example environment. You do
not need to know C# or be a developer to follow along. What you do need is a basic
understanding of how websites and web servers work, so you can see how database
flaws show up in the bigger picture, and how to stop them.
Objectives
By the end of this course, you will be able to confidently identify risks, secure sensitive
data, and take effective steps to protect your database environments. This class is
designed to provide you with practical tools and techniques that can be immediately
applied in real-world scenarios. Below are some of the key skills you will develop during
the course:
Hunt for vulnerabilities safely and responsibly. Learn how to identify security flaws in
databases using ethical bug hunting techniques without putting your systems at risk.
Understand and apply core database security principles. Get comfortable with the
fundamentals of data security and how they translate into smarter, safer database
practices.
Protect data at rest and in motion. Use proven strategies to secure your data during
storage and transmission, reducing the chances of leaks or breaches.
Spot and defend against common attack vectors. Recognize threats like SQL
injection, malware, ransomware, and insider misuse—and know what to do about them.
Implement strong privilege and access controls. Manage who can access what, and
limit exposure with practical, role-based privilege management techniques.
Build a proactive, layered security approach. Learn how to combine tools and
strategies to create a resilient defense that helps keep your databases safe over time.
If your team requires different topics, additional skills or a custom approach, our team
will collaborate with you to adjust the course to focus on your specific learning
objectives and goals.
Audience Profile
This course is designed for those who are new to database security and want to build
foundational skills that can be applied right away. Ideal attendees include DBAs,
developers, technical leaders, and business stakeholders responsible for data protection or compliance. A general understanding of how databases work will help you
get the most out of the course.
At Course Completion
Outline
Please note that this list of topics is based on our standard course offering, evolved
from current industry uses and trends. We will work with you to tune this course and
level of coverage to target the skills you need most. Course agenda, topics and labs are
subject to adjustment during live delivery in response to student skill level, interests and
participation.
Bug Hunting Foundation
Why Hunt Bugs?
Safe and Appropriate Bug Hunting/Hacking
Principles of Information Security
Fingerprinting Databases
Data Flows and Validation
Database Security Concerns
Securing Data at Rest and in Motion
Assets
Privilege Management
Boundary Defenses
Continuity of Service
Vulnerabilities and Databases
Injection Attacks
Authentication and Access Control
Data Breaches
Malware and Ransomware
Insider Threats
Cryptography
Insecure Data Handling
Inadequate 3rd Party Security
Asset Inventory
Non-Compliance
Prerequisites
Before attending, you should be comfortable with:
Basic database concepts and how they are used in your organization
Reading or writing simple SQL queries
Understanding how applications interact with databases
