No video of the event yet, sorry!

The United States Defense Information System Agency Standards Branch plays a critical role in enhancing the security posture of the United States Department of Defense’s (DoD) security systems through its Security Technical Implementation Guides (STIGs). The STIGs provide DoD and other United States federal agencies with guidance on how to harden computer systems and protect cyber infrastructure that might otherwise be vulnerable to a malicious computer attack. Each guideline in the STIG provides a check and a fix. The check tells an administrator how to verify if a system is compliant and the fix gives instructions on making the system compliant.

This talk will review the major guidelines of the Database STIG and how PostgreSQL can be configured to comply with the Database STIG requirements. Specifically, this talk will provide guidance on configuration of PostgreSQL to address requirements associated with:

• Auditing
• Logging
• Encryption at rest
• Encryption over the wire
• Access controls
• Administration
• Authentication
• SQL injection

Date:

Duration:

40 min

Room:

Conference:

PGConf US 2017 [PgConf.US]

Language:

English

Track:

Regulated Industry Summit

Difficulty:

Medium