Imperva Blog|Login|中文Deutsch日本語

Identifying Database Privilege Abuse by Malicious Insiders

This example of database privilege abuse relates to direct database attacks without Web applications. A malicious insider can decompile a fat desktop Java client to glean credential information allowing him to directly access the database with elevated privileges. Using the application's credentials for database access, not his own, he could operate with the privileges granted to the Java application.

Return to video listing Request More Information

Tags: Attack Method, Insider Threats, Privilege Abuse, Web Application Security, Database Security