-
Let’s be honest. For many outside the dedicated database teams, those servers humming away in the data center feel like mysterious black boxes. They hold critical information, the lifeblood of your organization, yet their inner workings often remain shrouded in inexplicable technical jargon. This lack of visibility can breed a dangerous assumption: a belief that…
-
We, as security professionals, operate in a realm of logic, risk assessment, and proactive defense. We preach the layered security model, the principle of least privilege, and the importance of defense in depth. Yet, there’s a persistent, almost baffling, undercurrent in our field: the belief that application-level security is the ultimate bastion, a shield sufficient…
-
Introduction: PCI-DSS is a security standard published by credit card companies (PCI is the Payment Card Industry, and DSS stands for Data Security Standard). It is a mandatory requirement for anyone processing credit cards. PCI-DSS version 4.0.1 is an almost 400-page document, so this article isn’t replacing it. But we help translate PCI-DSS to practical…
-
A reactive forensic investigation is the IT equivalent of a detective analyzing a crime scene. Just as Sherlock Holmes reconstructed the events of a crime through clues, traces, and deductive methods, reactive forensics seeks to answer essential questions like who did it, when, how, etc.? Basically – what happened? Evidence Collection: Holmes analyzes every detail…
-
When people hear auditing and monitoring, they can easily assume they refer to the same thing. After all, both involve keeping an eye on IT systems, right? While both terms have multiple meanings, without qualifiers, they relate to functions that serve different purposes and leverage unrelated tools and technologies. Understanding these differences is fundamental to…
-
Introduction: Oracle auditing is a large, complex, and confusing subject with many technology options. We aim to demystify those and help you make educated technology choices, guiding you to a solution that works for you. From capturing data to getting value from it and from a DIY to high-end solutions, let’s explore Oracle auditing. Capture…
-
Introduction: SQL Server auditing is a large and complex subject with many technology options. We aim to demystify those and help you make educated technology choices, guiding you to a solution that works for you. From capturing data to getting value from it and from a DIY to high-end solutions, let’s explore the world of…
-
Introduction: In today’s data-driven world, privacy and security are more crucial than ever before. Data masking solutions help protect personal, financial, and business-critical information. Selecting the right solution is essential to a successful masking project and effective protection of your sensitive information. Misleading Terminology: Many vendors use terms like Anonymization, Pseudonymization, Tokenization, Hashing, Encryption, Reduction,…
-
Introduction: Modern businesses run on data. From customer data to financial information and beyond, databases store plenty of sensitive information. This data enables company operations and drives decision-making. However, this reliance on data exposes organizations to significant risks. Cyberattacks and data breaches can compromise sensitive information, leading to financial loss, regulatory penalties, lawsuits, and irreparable…
-
Cybersecurity Underinvestment: Data breaches are at an all-time high. Different studies show different figures about which countries are most under attack, but it’s pretty obvious that nowhere is safe. It seems as though the whole world is under attack and there are many successful data breaches. At the same time, investment in cybersecurity is insufficient…
-
Significance: Data masking is not a daily task, so why is performance a vital subject to consider? While it’s of minor significance whether a data masking process takes 5 seconds or 5 minutes, it’s critical if it takes five days or will never finish. Impossibly long run times are not unusual and render the product…
-
Attack Detail & Analysis: Below we’ll explain the types of attacks used in the comics, provide statistics about their prevalence, and discuss possible defensive measures. This attack and successful breach required a combination of several steps. That’s how all breaches are. While it may not be possible to stop all the steps, you should…
-
What Happened? Hackers found an exploit in organizations that use Office 365 and Proofpoint. The exploit allowed the hackers to send authenticated emails with digital signatures identical to emails sent by those organizations. The list of exploited organizations includes Disney, Coca-Cola, IBM, Nike, Best Buy, and many others. Using this exploit, hackers sent over at…
-
What Happened: As we’ve seen, a bug in a CrowdStrike update caused worldwide havoc. Approximately 8 million Windows computers crashed at many companies, from airlines to broadcast news to hospitals. Desperate users took to forums, some entire organizations ground to a halt, and some problems persisted for days and longer. While CrowdStrike was able to…
-
The Attack Begins: The blip of a new email flashed on Cora’s screen. It was yet another alert from Core Audit, and it wasn’t the first one of the day. But a quick glance at the SQLs and adrenaline jolted her awake. It felt like caffeine was pumping directly into her brain. That is not…
-
We previously discussed data-centric security and the need for airtight defenses. Using IDS and IPS is a first step in that direction, but let’s take things further by creating overlapping controls that will tighten security much more. The risk-control matrix is at the core of security planning. The matrix maps our risks to the controls…
-
We previously discussed data-centric defenses as the critical last line of defense. As such, one of our requirements is to try and make it as airtight as possible. That’s not a minor or trivial requirement. In this article, we’ll discuss how we can get there. There are two concepts we’ll need to discuss: False negatives…
-
We often think of cybersecurity as made up of silos. There’s network security, training, physical security, email security, etc. Each silo usually includes multiple solutions. For example, network security includes firewalls, routers, VLANs, and similar measures that are not necessarily directly related. The problem with any issue comprised of many unrelated components is that it’s…
-
1. Why mask? Because we can’t protect the data outside of production: Imagine copying customer data for testing. How could you protect it after copying it? Without data masking, you will expose all names, addresses, phone numbers, emails, financial information, and more. Static masking replaces these values with good fakes so you can test without jeopardizing…
-
Recent polls of cybersecurity professionals show most respondents (82%) have partial or no visibility into their databases and need it. Few said they have good visibility (7%) or don’t need it (11%). The surveys were conducted in various LinkedIn groups in English and Spanish, asking: “Do you have visibility into what’s happening within your database?”.…