[Owasp-leaders] DB encryption (here: MySQL)

Dirk Wetter dirk.wetter at owasp.org
Tue Mar 12 17:43:33 UTC 2013

Hi all,

am I just too stupid to find it?

Basically I found at OWASP only a bit regarding this topic,
e.g. useful was Ralph Durkee's talk


and some vague slides elsewhere regarding PCI DSS (they seem
to recommend AES_DE/ENCRYPT which is critical for
transaction and other logs.)

There seems to be no such thing as a best practice

Any hints?



More information about the OWASP-Leaders mailing list