Author: Eyal Kalderon

Artificial Intelligence is fundamentally changing the way we interact with information. While the potential for productivity is massive, it introduces a critical security shift that many organizations are unprepared for. In this article, we’ll focus on the specific challenges created when companies deploy AI agents for internal business purposes and why our traditional security models…

You are likely doing everything “right”, yet your security is failing. Your team follows rigorous development practices. You use Static Application Security Testing (SAST) to audit code, Dynamic Application Security Testing (DAST) to probe your runtime environments, Software Composition Analysis (SCA) to manage your libraries, and a Web Application Firewall (WAF) to guard the gate.…

In the world of IT, we like to believe hard data and bottom-line economics drive our procurement decisions. However, in reality, they are often driven by a Psychological Shield. A recent survey found that over 90% of IT leaders who are dissatisfied with their current database and application security solutions don’t switch because the alternatives…

Let’s discuss a few variations of Dynamic Data Masking (DDM) and explain the differences from its static sibling. We’ll cover different implementation approaches, which apply in what situations, and the preferred alternatives. Static vs. Dynamic:“Permanent” vs. “On-the-Fly” Before diving into the technical implementation, we must distinguish between the two primary philosophies of masking: Static and…

Database Activity Monitoring (DAM) or its modern variation, Database Activity Control (DAC), aims to enhance database security and achieve regulatory compliance. Since most database users have access to sensitive information, controlling the activity from those accounts is a primary mechanism for mitigating external and internal threats. This review covers all the high-end solutions currently on…

A potential customer recently admitted to us that they were debating whether to buy our masking solution or build one themselves. Personally, I usually prefer to build things myself. However, as a development manager and software architect with 30 years of experience, for data masking, my suggestion is “buy”. Data masking can be tricky. It…

Static Data Masking (SDM) is the process of replacing sensitive information with realistic but fictional data in non-production environments. The goal is simple: eliminate the security risk. Since databases are built to manipulate data at scale, you may choose to take advantage of those capabilities and opt for a “Do-It-Yourself” (DIY) approach. The idea is…

All attacks have the same destination: the data in your database. However, 99% of database activity originates from a single application service account. So, how does database activity control compare to application activity control? Data-centric security controls the activity that touches the data. This defense is deployed from the inside out, like putting together a…

We spend millions on firewalls and EDR protecting the perimeter and endpoints. But the actual prize, your data, often sits in a vault protected by a 25-year-old padlock. Our information is what attackers are after, yet it is what we protect the least. In a house made of doors, we obsess over the doors, neglecting…

The Challenge: What Data Do I Have? Most organizations face a critical compliance and security roadblock: they don’t actually know where their sensitive data lives. However, with the advent of AI, you can now easily scan through an entire database schema in a few minutes or less. The security roadblock: Locating sensitive information is an…