Name: Database Exploits, Oh My! Security Best Practices with PostgreSQL Extensions
Start: 2022-06-15T12:30:00-0400
End: 2022-06-15T13:30:00-0400

Back To Schedule

Database Exploits, Oh My! Security Best Practices with PostgreSQL Extensions

Extensibility is a key differentiator and flagship capability of PostgreSQL, contributing to the broad community and rise in popularity as the world's most advanced open source relational database. However, with great power comes great responsibility. Unfortunately, that responsibility seems to be misunderstood more often than not, leading to potential exploits and security compromises.

In this talk, we'll discuss what happens when you install extensions, how that can present a security risk if not done properly, and how to better analyze extension vulnerabilities in advance. Specifically, we'll demonstrate three common security exploits and how to use pgspot, a new open-source tool, to examine the extensions you are creating and using on a regular basis.

Speakers

Ryan Booz

Director, Developer Advocacy, Timescale

Ryan is a Developer Advocate at Timescale, the supercharged time-series database built on PostgreSQL. Prior to Timescale, Ryan worked for more than 18 years as a developer, DBA and product manager in multiple ISVs delivering SaaS products based on time-series data.Ryan is a long-time... Read More →

Wednesday June 15, 2022 12:30pm - 1:30pm EDT
Virtual

Technical Brief, Developer Central

Audience Intermediate

Postgres Vision 2022

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Ryan Booz