The database is the core of many systems. If you are building an e-commerce website, government portal, health management system, or just a blog, you need a database. Usually, a database security system usually the last security layer between your data and hackers. Suddenly, this is also mostly underused security functionality in modern applications. You may find many books and papers about network security, firewalls, cryptography, and even application security, but not database security. In the following session, I am going to introduce the audience to the PostgreSQL security system. The audience will learn about authentication, authorization, roles, permissions, and data encryption. We will talk about database security best practices which can help you to protect data even when your application has been compromised. The ideas from the session might apply to other database management systems.