We will review a multi-layered framework for PostgreSQL security, with a deeper focus on limiting access to the database and data, as well as securing the data. Using the popular AAA (Authentication, Authorization, Auditing) framework we will cover:
Best practices for authentication (trust, certificate, MD5, Scram, etc).
Advanced approaches, such as password profiles.
Deep dive of authorization and data access control for roles, database objects (tables etc), view usage, row level security and data redaction.
Auditing, encryption and SQL injection attack prevention.