This is Jeff Coveney's Typepad Profile.
Join Typepad and start following Jeff Coveney's activity
Join Now!
Already a member? Sign In
Jeff Coveney
Interests: baseball, skiing, red sox
Recent Activity
Image
The Infosec show in Orlando at Disney's Contemporary Resort just kicked off and we have a number of folks stopping by the AppSecInc booth to discuss database security. If you are here, make sure to stop by booth 512 and... Continue reading
Posted Apr 2, 2012 at Database Security 3.0
As angry hackers plaster personal information of LulzSec’s key members online, and with law enforcement nipping at their heels, the LulzSec crew has apparently returned back to the Anonymous collective from whence they came. LulzSec may or may not be gone (I suspect they’ll return due to “popular demand”), but the hacking will continue. In the past months, LulzSec, Anonymous, and several other makeshift collaboratives have shown the world just how easy it is to take down a website, humiliate corporations and government agencies, and steal confidential data. Continue reading
Posted Jun 27, 2011 at Database Security 3.0
Image
PCI and poor web app coding have driven organizations to look at Web Application Firewalls (WAF) as a possible cost-effective security & compliance solution. Continue reading
Posted May 3, 2011 at Database Security 3.0
Image
The Infosec show in Orlando started earlier today. AppSec CTO Josh Shaul is speaking Wednesday if you would like to get his insight on database security. Stop by our booth at 606 and get a free tshirt if you mention... Continue reading
Posted Apr 19, 2011 at Database Security 3.0
Image
Come stop by our booth here in Miami at the Hotel Intercontinental. Menton this post and get a free tshirt. The show started this morning featuring a keynote from Joe Jarzombek from the U.S. Department of Homeland Security. In this... Continue reading
Posted Oct 13, 2010 at Database Security 3.0
Image
I’m back from Las Vegas caught up with my e-mail, well sort of. And finally I got some time to sort out my thoughts about Black Hat 2010. I had skipped 2009 and was excited to get back to Caesars... Continue reading
Posted Aug 5, 2010 at Database Security 3.0
Image
Application Security, Inc.’s Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has starting taking database security and vulnerability questions. Our first question was submitted by @jedimercer asking: How can I verify ADMIN_RESTRICTIONS is enabled on an Oracle... Continue reading
Posted Aug 4, 2010 at Database Security 3.0
Image
This is not your father’s analyst conference. In fact probably not your grandfather’s either. Strong focus on technology? Check. Without the other stuff. And it was no surprise that 90% of the attendees held technical positions. Despite the madness of... Continue reading
Posted Jul 29, 2010 at Database Security 3.0
Application Security, Inc.’s Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has researched the Top 10 Database Vulnerabilities in order to provide you with the most up-to-date vulnerabilities, risk and remediation information. Today’s post wraps up the... Continue reading
Posted Jul 22, 2010 at Database Security 3.0
Application Security, Inc.’s Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has researched the Top 10 Database Vulnerabilities in order to provide you with the most up-to-date vulnerabilities, risk and remediation information. Organizations house sensitive data –... Continue reading
Posted Jul 19, 2010 at Database Security 3.0
Application Security, Inc.’s Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has researched the Top 10 Database Vulnerabilities in order to provide you with the most up-to-date vulnerabilities, risk and remediation information. Today’s topic is Denial of... Continue reading
Posted Jul 9, 2010 at Database Security 3.0
Application Security, Inc.’s Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has researched the Top 10 Database Vulnerabilities in order to provide you with the most up-to-date vulnerabilities, risk and remediation information. Today’s topic is Privilege Escalation.... Continue reading
Posted Jul 7, 2010 at Database Security 3.0
Application Security, Inc.’s Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has researched the Top 10 Database Vulnerabilities in order to provide you with the most up-to-date vulnerabilities, risk and remediation information. The first five installments of... Continue reading
Posted Jun 30, 2010 at Database Security 3.0
Image
June in Washington, DC. That means Gartner’s IT Security & Risk Management Summit. This year’s theme really seems to be linking risk with security, and trying to figure out some sort of formula to determine where you need to implement... Continue reading
Posted Jun 23, 2010 at Database Security 3.0
Application Security, Inc.’s Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has researched the Top 10 Database Vulnerabilities in order to provide you with the most up-to-date vulnerabilities, risk and remediation information. Once upon a time, Database... Continue reading
Posted Jun 18, 2010 at Database Security 3.0
Application Security, Inc.’s Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has researched the Top 10 Database Vulnerabilities in order to provide you with the most up-to-date vulnerabilities, risk and remediation information. Database Management Systems (DBMS) have... Continue reading
Posted Jun 14, 2010 at Database Security 3.0
Application Security, Inc.’s Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has researched the Top 10 Database Vulnerabilities in order to provide you with the most up-to-date vulnerabilities, risk and remediation information. Today’s topic is SQL Injection... Continue reading
Posted May 25, 2010 at Database Security 3.0
Application Security, Inc.’s Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has researched the Top 10 Database Vulnerabilities in order to you with the most up-to-date vulnerabilities, risk and remediation information. Today’s topic is Default, Blank &... Continue reading
Posted May 18, 2010 at Database Security 3.0
According to Dark Reading, the bottom lines of two companies were hit over the past several weeks due to data breach fines. The Financial Industry Regulatory Authority (FINRA) fined one firm $375,000 while the Florida Attorney General fined another $975,000.... Continue reading
Posted Apr 27, 2010 at Database Security 3.0
Image
If you are at the show, make sure to stop by and day hello to Dan and Jeff at booth 318. Jeff Coveney Sent via wireless BlackBerry. Please excuse brevity or typos. Continue reading
Posted Apr 19, 2010 at Database Security 3.0
Yesterday, Oracle posted their Critical Patch Update (CPU) as they do every quarter. This update contained fixes for 8 database management system vulnerabilities. Some of the more interesting findings from the update include: · Attacks that combine all 8 database... Continue reading
Posted Apr 14, 2010 at Database Security 3.0
Jeff Coveney is now following The Typepad Team
Mar 15, 2010
Image
Byamba is back and entertaining the crowds here at RSA in San Fran. Stop by our booth at 2539 and take a photo. Mention this post to Jeff or Jen and get a free hat. Jeff Coveney Sent via wireless... Continue reading
Posted Mar 2, 2010 at Database Security 3.0
At last week’s BlackHat D.C., David Litchfield revealed 0-day vulnerabilities in Aurora, the Java implementation built into Oracle. Vulnerabilities in the following packages: DBMS_JAVA DBMS_JAVA_TEST DBMS_JVM_EXP_PERMS allow an attacker to escalate their privileges to sysdba and take complete control of... Continue reading
Posted Feb 8, 2010 at Database Security 3.0
Image
The show has started and our first session was jam packed." Know what you're up against" is our theme and world champion Byamba is here promoting the message. Stop by if you are in San Fran. Jeff Coveney Sent via... Continue reading
Posted Oct 12, 2009 at Database Security 3.0