Blog Articles - Blue Core Research

Enter a query to search using AI. You can explain what you’re looking for or copy paragraphs relevant to your search:

Latest posts:

Application or Database Activity Control: How do they compare?

Which is the best defense for your data? A detailed analysis of the differences, advantages, and visibility gaps between Database Activity Control and Application Activity Control in modern security environments.

All attacks have the same destination: the data in your database. However, 99% of database activity originates from a single application service account. So, how does database activity control compare to application activity control? Data-centric security controls the activity that touches the data. This defense is deployed from the inside out, like putting together a
Read more
Database Security Technology: Don’t Stay Behind the Curve

Learn about the different technology generations in database security to understand the protections you have and determine the ones you need. What are the limitations of each technology, from blind spots to performance problems?

We spend millions on firewalls and EDR protecting the perimeter and endpoints. But the actual prize, your data, often sits in a vault protected by a 25-year-old padlock. Our information is what attackers are after, yet it is what we protect the least. In a house made of doors, we obsess over the doors, neglecting
Read more
Locate Sensitive Data for Free Using AI

Discover how to pinpoint sensitive data in your databases for free. Learn how to map schemas and use AI to do the heavy lifting. Comply with regulations and close security gaps in under 5 minutes.

The Challenge: What Data Do I Have? Most organizations face a critical compliance and security roadblock: they don’t actually know where their sensitive data lives. However, with the advent of AI, you can now easily scan through an entire database schema in a few minutes or less. The security roadblock: Locating sensitive information is an
Read more
Masking Poll

The Great Divide: 90% of Experts value Data Masking. However, half haven’t implemented it yet. Learn to understand the market trend and the perspective of your peers.

In a recent survey, we asked cybersecurity professionals if they mask their data. The results were unsurprising. 90% of respondents said data masking is important. 40% already mask their data, and nearly 50% need to mask it but haven’t yet. Only 10% don’t consider data masking important. For companies that need to mask their data,
Read more
Database Security Spending Guidelines

Are you investing the right amount in your security? Optimize your database protection budget and resources without overspending or leaving yourself dangerously exposed.

It’s not trivial to find the “correct” investment level for database security. Unlike antivirus, it’s not a simple comparison between multiple vendors. The pricing models don’t align, the features are very intricate, and comparison is impossible. To make things worse, we rarely know exactly what we need. This article aims to give you guidance, so
Read more
Database Activity Control: The State of the Market

Exclusive Survey: a poll of security professionals about Database Activity Control revealed surprising results. Everyone agrees it is vital, but few achieve control.

We recently conducted a poll to check the state of the database security market, focusing on activity control. The results offer a fascinating glimpse into the mindset of security professionals. Let’s start with the unequivocally good news: every single respondent believes it is vital to control database activity. Everyone agrees. In an industry often divided
Read more
Database Evaluation Checklist

Database security is the last line of defense standing between attackers and your critical data. Follow this strategically organized checklist to ensure everything is properly locked down.

Organizations depend on data, and databases are where that data lives. Databases are the heart that pumps this data throughout your organization and keeps it alive. But data volumes soar, regulations tighten, and treating database security as a collection of isolated technical tasks is a recipe for disaster. Yet, many companies still treat database security
Read more
Cybersecurity Budgets and What They Mean

Half of the companies increase their cybersecurity budgets, while the other half shrink. All along, the tsunami of data breaches is unwavering. What does this mean, and how can you achieve better protection in a tight economy?

A recent poll by Blue Core Research shows an interesting pattern in cybersecurity budgets. About half of the companies (47%) increased their cybersecurity budget, while the other half had a negative trend. Within the negative trend, about a quarter had no changes in their budget, half had some decrease, and the last quarter had a
Read more
Database Security: Whose job is it?

Database security is often seen as a mystery. This article reveals five viable paths—from specialized hiring to smart collaboration—to empower your security team to immediately and effectively protect your critical data assets.

Database security often feels like a shadowy corner of IT, requiring arcane knowledge that many security teams feel ill-equipped to handle. The question of “Whose job is it?” and “How do we even begin?” loom large, sometimes leading to a sense of paralysis. The analogy of the fox guarding the hens perfectly captures the understandable
Read more
Data Masking, Anonymization, Obfuscation, and Privacy – Methods and Examples

Learn how to mask different types of data, understand common terminology and concepts, and figure out what matters to you most.

In a world driven by data with threats lurking around every corner, keeping data safe is nearly impossible. However, we then make this challenge worse by copying the data for testing, development, training, and more. If protecting data in production is difficult, protecting these copies outside of the secured production environment is impossible. So, what
Read more
The State of Database Security: An Interview with Blue Core Research CTO

What is the state of database security, what are the problems, how do we solve them, and what will the future look like?

In an exclusive interview, we spoke with Eyal Kalderon, Founder and CTO of Blue Core Research, to gain insight into the current state of database security. Eyal, you have been working with advanced database technologies for over 30 years and focusing on database security for the past two decades. You have several patents and have
Read more
The Mystery of the Missing Sparkle-Bits

This light-hearted adventure uncovers the truth at the heart of data security. Learn the principles that will help you avoid a data breach.

Lessons Learned Aella’s adventure is a perfect example of good data security practices. If you can replicate her example, you will likely avoid a data breach. Let’s break it down into key takeaways and how you can mirror this fictional story in real life. The Security Event One day, Aella, guardian of the Sparkle-Bits, noticed
Read more
Think Twice: Is Database Security Really a Luxury You Can’t Afford?

Is database security as expensive as you think? Is it a better investment than alternatives? Security costs money, but what is the most important investment that will result in the best protection?

We get it. When budgets are tight and threat landscapes seem to expand daily, the siren song of “good enough” security can be tempting. Perimeter defenses, endpoint protection – they feel tangible, like walls around your digital kingdom. Database security? Often perceived as complex, costly, and… well, another thing on the ever-growing list. But what
Read more
Solving Data Theft and Privacy Protection

Data theft is a persistent and costly problem. This article proposes an effective solution by focusing on protecting databases. The strategy focuses on activity control to secure confidential information, even if intruders gain access to the system.

Data breaches are a regular occurrence. Most people had their emails or phone numbers stolen. That should be a shocking reality, but the scale of the problem and the frequent breaches have normalized it into something everyone accepts and mostly ignores. Data theft remains one of the most persistent and damaging problems in information security.
Read more
Why the “Not That Sensitive” Argument Crumbles Under Scrutiny

All data requires protection. It’s a truth we often ignore, thereby undermining our dependency on information. Failing to embrace this reality shatters the foundation of all our decisions and actions.

Let’s be blunt: the mindset that “our data isn’t that sensitive” is a dangerous delusion. It’s a blind spot that leaves organizations vulnerable and undermines the very purpose of collecting and storing information in the first place. We need to shift the paradigm. All data is sensitive. It’s not just about Social Security numbers, credit
Read more
The Silent Majority: Why Database Threats Must Become Center Stage

Databases are the true endgame of most cyberattacks, yet they remain dangerously overlooked. Learn why your defense must start with your data – and how to finally secure it.

As security professionals, we are constantly bombarded with threats. The news cycles are filled with tales of sophisticated phishing campaigns, novel malware strains, and the ever-evolving tactics of network intruders. We diligently patch our endpoints, implement robust firewalls, and train our users to be wary of social engineering ploys. These are vital defenses, the frontline
Read more
The Illusion of the Wall: Why Your Data Fortress is a Sandcastle

Perimeter-based security once gave us a sense of security and control. Today we stand behind it waiting for a breach. The world changed and those defenses no longer hold. It’s time to rethink how to align our investment and efforts with reality.

For years, the mantra of cybersecurity echoed the “perimeter.” Firewalls stood tall like digital Hadrian’s Walls, antivirus software patrolled the gates, and email filters acted as vigilant sentries. This approach focused on keeping the “bad guys” out and offered a tangible sense of security. We could see the defenses, watch them in action, and feel a semblance
Read more
What you are doing is not working

Most organizations are under constant cyberattacks, and many of those succeed. It’s clear that today’s defenses are failing us, and change is urgent.

A survey from Rubrik Zero Labs reveals that 90% of IT and security leaders experienced cyberattacks in the past year, and 20% reported an attack every other week on average. Those are merely attacks, but attacks have consequences. 30% reported on-premise data breaches, 28% a cloud or SaaS breach, and 26% reported ransomware. And the
Read more
Introduction to Databases for Security Professionals

What are databases, what threats do they face, and how to secure them?

What is a Database? A database is a software solution that stores, manipulates, and retrieves data. Think of an Excel spreadsheet, but a database operates on a much larger scale. A database is like thousands of Excel spreadsheets, some with millions of rows, accessed simultaneously by thousands of individuals. To be accurate, that is a
Read more
Tracking Data Changes and Compliance Requirements for Financial Institutions

Tracking data changes is essential for data integrity and regulatory compliance in financial institutions. This article explores the practical implementation in Oracle and SQL Server.

Tracking data changes is a cornerstone of good recordkeeping and data integrity. In the highly regulated world of banking and financial institutions, the ability to accurately track and reconstruct changes to data is not merely a best practice but a fundamental regulatory requirement. Financial institutions handle customer information and transactional data, where even a minor,
Read more