The objective is to "reduce susceptibility to these threats." (Murray, 2010) The most publicized database application vulnerability is the SQL injection
However, it is important to understand that auditing of the database does not actually prevent security breaches but does make available a means of identifying whether breaches have occurred. Common categories of auditing for a database include the following: (1) Monitoring database access attempts, (2) Data Control Language (DCL) activities (3) Data Definition Language (DDL) activities, and (4) Data Manipulation Language (DML) activities (Yang, 2009 cited in: Murray, 2010) According to the work of Murray (2010) monitoring access attempts includes "retaining information on successful and unsuccessful logon and logoff attempts