Blog Articles - Blue Core Research

Enter a query to search using AI. You can explain what you’re looking for or copy paragraphs relevant to your search:

Latest posts:

What you are doing is not working

Most organizations are under constant cyberattack — and it’s working. With 90% of companies hit and widespread breaches reported, it’s clear that today’s defenses are failing and change is urgent.

Research from Rubrik Zero Labs [link] reveals that 90% of IT and security leaders reported cyberattacks in the past year and almost 20% said they’re getting attacked on average every other week. Those are only attacks, but attacks have consequences. 30% reported on-premise data breaches, 28% cloud or SaaS breaches, and 26% reported ransomware. And…
Read more
Introduction to Databases for Security Professionals

Tracking data changes is essential for compliance and integrity in financial systems. This article explains its regulatory importance and explores practical implementation in Oracle and SQL Server environments.

What is a Database? A database is a software solution that stores, manipulates, and retrieves data. Think of an Excel spreadsheet, but a database operates on a much larger scale. It is like thousands of Excel spreadsheets, some with millions of rows, accessed simultaneously by thousands of individuals. To be accurate, that is a relational…
Read more
Tracking Data Changes and Compliance Requirements for Financial Institutions

Tracking data changes is essential for data integrity and regulatory compliance in financial institutions. This article explores practical implementation in Oracle and SQL Server.

Tracking data changes is a cornerstone of Record Keeping and Data Integrity. In the highly regulated world of banking and financial institutions, the ability to accurately track and reconstruct changes to data is not merely a best practice; it is a fundamental regulatory requirement. Financial institutions handle customer information and transactional data where even a…
Read more
Your neglected databases are a ticking time bomb

Learn why the constant cyber threats distract you and make you overlook your critical assets: your data. This negligence is a flaw at the core of your business defense.

We live in an era of relentless cyber threats. Headlines scream about ransomware attacks, data breaches, and sophisticated phishing campaigns. In response, organizations often scramble to bolster their perimeter defenses, upgrade endpoint security, and implement the latest network monitoring tools. While these measures are undoubtedly important, there’s a silent crisis brewing within the digital heart…
Read more
The Enemy Within: Why the “Trusted” Can Be Your Biggest Nightmare

Insider threats are a significant portion of the threat landscape, yet frequently ignored. Discover the risks and why protecting the data itself is the only true defense.

As security professionals, we are wired to look outward. The flashing red lights, the ominous port scans, the whispers of sophisticated APTs – these are the narratives that grab our attention. We build digital fortresses, moats of firewalls, and sentry towers of intrusion detection systems, all pointing toward a faceless external adversary. And why wouldn’t…
Read more
Database Security: From Threats to Solutions

Get up-to-date on real database threats and how to combat them. To fight back, you must know how attackers get your data. Discover current best practices that address these threats and test yourself to see if your defenses will hold.

Why is Database Security So Critical? A serious data breach means someone got into your database and stole data. Databases are the gatekeepers of your data, and anyone who wants to get it must get it from the database. While you should protect all infrastructure components, none is more important than the database. Regardless of…
Read more
Beyond the Black Box: Your database security matters more than you think

Databases often seem like black boxes – complex, obscure, and presumably secured. But that is a false assumption. Failing to pay attention to database security leaves you dangerously vulnerable and far more exposed than you realize.

Let’s be honest. For many outside the dedicated database teams, those servers humming away in the data center feel like mysterious black boxes. They hold critical information, the lifeblood of your organization, yet their inner workings often remain shrouded in inexplicable technical jargon. This lack of visibility can breed a dangerous assumption: a belief that…
Read more
Beyond the Application Walls: Why database security demands your belief and action

Relying solely on application security leaves you dangerously vulnerable. Learn why database security is equally important, if not more so. From insider threats and credential theft, attackers often skip the application and go straight for your data. Only a robust database defense can stop them.

We, as security professionals, operate in a realm of logic, risk assessment, and proactive defense. We preach the layered security model, the principle of least privilege, and the importance of defense in depth. Yet, there’s a persistent, almost baffling, undercurrent in our field: the belief that application-level security is the ultimate bastion, a shield sufficient…
Read more
PCI-DSS in SQL Server and Oracle Databases

Discover best practices, methodologies, and solutions to help you comply with PCI-DSS and protect credit card information.

Introduction PCI-DSS is a security standard published by credit card companies (PCI is the Payment Card Industry, and DSS stands for Data Security Standard). It is a mandatory requirement for anyone processing credit cards. PCI-DSS version 4.0.1 is an almost 400-page document, so this article isn’t replacing it. But we help translate PCI-DSS to practical…
Read more
Reactive Forensics and Auditing: Follow Sherlock Holmes

Learn about reactive forensics, the evidence you need, and how to prepare so that when the time comes, everything works.

A reactive forensic investigation is the IT equivalent of a detective analyzing a crime scene. Just as Sherlock Holmes reconstructed the events of a crime through clues, traces, and deductive methods, reactive forensics seeks to answer essential questions like who did it, when, how, etc.? Basically – what happened? Evidence Collection Holmes analyzes every detail…
Read more
What is the Difference Between Auditing and Monitoring?

What is the meaning of the two terms, what are the differences, what other meanings exist, and why is there confusion?

When people hear auditing and monitoring, they can easily assume they refer to the same thing. After all, both involve keeping an eye on IT systems, right? While both terms have multiple meanings, without qualifiers, they relate to functions that serve different purposes and leverage unrelated tools and technologies. Understanding these differences is fundamental to…
Read more
How to audit an Oracle database?

Learn about the different technology options for auditing Oracle and how to gain value from the data you collect.

Introduction Oracle auditing is a large, complex, and confusing subject with many technology options. We aim to demystify those and help you make educated technology choices, guiding you to a solution that works for you. From capturing data to getting value from it and from a DIY to high-end solutions, let’s explore Oracle auditing. Capture…
Read more
How to audit a SQL Server database?

Learn about the different technology options for auditing SQL Server and how to gain value from the data you collect.

Introduction SQL Server auditing is a large and complex subject with many technology options. We aim to demystify those and help you make educated technology choices, guiding you to a solution that works for you. From capturing data to getting value from it and from a DIY to high-end solutions, let’s explore the world of…
Read more
Choosing the Data Masking Solution that’s Right for You

Learn about data masking, and what to look for when buying a solution.

Introduction In today’s data-driven world, privacy and security are more crucial than ever before. Data masking solutions help protect personal, financial, and business-critical information. Selecting the right solution is essential to a successful masking project and effective protection of your sensitive information. Misleading Terminology Many vendors use terms like Anonymization, Pseudonymization, Tokenization, Hashing, Encryption, Reduction,…
Read more
Database Auditing & IDS: A Comprehensive Guide to Data Protection

Learn why database auditing & IDS is important, How to combat attacks and breaches, Tools & Technologies, Best practices, and much more.

Introduction Modern businesses run on data. From customer data to financial information and beyond, databases store plenty of sensitive information. This data enables company operations and drives decision-making. However, this reliance on data exposes organizations to significant risks. Cyberattacks and data breaches can compromise sensitive information, leading to financial loss, regulatory penalties, lawsuits, and irreparable…
Read more
Budgeting for a secure future: Optimize yours for 2025

As we move into 2025, the digital landscape continues to evolve, bringing with it opportunities and risks. Cyber threats are sophisticated and targets businesses of all sizes. For organizations, a cybersecurity strategy is no longer a luxury; it is a basic necessity.

Cybersecurity Underinvestment Data breaches are at an all-time high. Different studies show different figures about which countries are most under attack, but it’s pretty obvious that nowhere is safe. It seems as though the whole world is under attack and there are many successful data breaches. At the same time, investment in cybersecurity is insufficient…
Read more
Data Masking Performance

Everything you need to know about data masking performance – a crucial element when purchasing and implementing a masking solution.

Significance Data masking is not a daily task, so why is performance a vital subject to consider? While it’s of minor significance whether a data masking process takes 5 seconds or 5 minutes, it’s critical if it takes five days or will never finish. Impossibly long run times are not unusual and render the product…
Read more
From a hacker’s perspective

This comic book illustrates a realistic and common attack scenario. It’s common because it works. How could you defend against this type of attack?

Attack Detail & Analysis Below we’ll explain the types of attacks used in the comics, provide statistics about their prevalence, and discuss possible defensive measures. This attack and successful breach required a combination of several steps. That’s how all breaches are. While it may not be possible to stop them all the steps, you should…
Read more
Email Security: Risks & Effectiveness

A massive recent phishing campaign exposed a critical vulnerability in Proofpoint, a cloud-based email security provider. The incident raises important questions about supply chain attacks, the effectiveness of email security, and the need for layered defenses.

What Happened? Hackers found an exploit in organizations that use Office 365 and Proofpoint. The exploit allowed the hackers to send authenticated emails with digital signatures identical to emails sent by those organizations. The list of exploited organizations includes Disney, Coca-Cola, IBM, Nike, Best Buy, and many others. Using this exploit, hackers sent over at…
Read more
Potential Risks in Endpoint Security

The recent worldwide outages due to a CrowdStrike update raised the unavoidable question: Do the benefits of endpoint security outweigh the risks, and what are the alternatives?

What Happened As we’ve seen, a bug in a CrowdStrike update caused worldwide havoc. Approximately 8 million Windows computers crashed at many companies, from airlines to broadcast news to hospitals. Desperate users took to forums, some entire organizations ground to a halt, and some problems persisted for days and longer. While CrowdStrike was able to…
Read more