OWASP Global AppSec US 2021
Attending this event?
Back To Schedule
Thursday, November 11 • 10:00am - 11:00am
Data at Rest Encryption - Going Beyond the Basics to Address Modern Attacks

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Data encryption has long been a major component of information security. Data in transit is well protected by the Transport Layer Security (TLS) open cryptographic standard and its predecessors, but unfortunately the same cannot be said for data at rest. The current, common approach for encryption of data at rest is to rely on low-level mechanisms that satisfy compliance requirements, but do not address modern security concerns. This session will discuss shortcomings of encryption at the disk, bucket, file, and database levels and provide alternatives that offer additional protection against ransomware, data theft, insider threat, and application layer attacks such as SQL injection. Technologies and techniques covered will include Application-Level Encryption (ALE), Transparent Data Encryption (TDE), Field-Level Encryption (FLE), client-side encryption, and custom implementations.

Thursday November 11, 2021 10:00am - 11:00am PST
Feedback form isn't open yet.

Attendees (6)