There are many aspects and considerations when securing PostgreSQL. This talk will cover some examples of the dangers associated with typical default installations, along with built-in features and extensions available to mitigate them. It will give an overview of security features related to PostgreSQL and available extensions, and focus on the recently published PostgreSQL security guidelines: the DISA STIG and the Center for Internet Security Benchmark.

Specifically, we will cover:

A. PostgreSQL and Ecosystem: Security Features
   1. International Certifications
   2. Security Features
      i. Perimeter
      ii. Internal
      iii. Chronological
B. Security Guidelines
   1. Security Technical Implementation Guide (STIG)
      i. Overview
      ii. PostgreSQL STIG
      iii. Example Control
   2. CIS Benchmark
      i. Overview
      ii. PostgreSQL Benchmark
      iii. Example
C. Settings
   1. postgresql.conf
   2. pg_hba.conf rules

The audience is anyone interested in security within a relational database.

Learning Objectives:
* Identify security considerations when deploying PostgreSQL.
* Understand the features available in PostgreSQL and/or closely related open source technologies which address the identified security considerations.
* Understand how security guides are used to provide significantly enhanced security in PostgreSQL.