This is a talk of two halves: In the first half we look at Database Vault and understand what it does and how it works. We also look at exploiting databases and applications without Database Vault installed and show how they can be hacked.
We'll also talk about what happens when we add database vault: How does it help? Does it stop the hacking succeeding? What happens when we furher build realms around the key data (credit cards that can be stolen)
In the second half we'll explore the problem that you would like to use Database Vault but you cannot justify the cost or you simply cannot use it because like me you are on SE, SE1 or SE2 where it's not possible to use it as its an EE feature. We'll explore the core ideas of Database Vault and look at what can be done instead; how close can we get to having a secure database without it.