Author: Eyal Kalderon

Let’s be honest. For many outside the dedicated database teams, those servers humming away in the data center feel like mysterious black boxes. They hold critical information, the lifeblood of your organization, yet their inner workings often remain shrouded in inexplicable technical jargon. This lack of visibility can breed a dangerous assumption: a belief that…

We, as security professionals, operate in a realm of logic, risk assessment, and proactive defense. We preach the layered security model, the principle of least privilege, and the importance of defense in depth. Yet, there’s a persistent, almost baffling, undercurrent in our field: the belief that application-level security is the ultimate bastion, a shield sufficient…

Introduction PCI-DSS is a security standard published by credit card companies (PCI is the Payment Card Industry, and DSS stands for Data Security Standard). It is a mandatory requirement for anyone processing credit cards. PCI-DSS version 4.0.1 is an almost 400-page document, so this article isn’t replacing it. But we help translate PCI-DSS to practical…

Introduction Oracle auditing is a large, complex, and confusing subject with many technology options. We aim to demystify those and help you make educated technology choices, guiding you to a solution that works for you. From capturing data to getting value from it and from a DIY to high-end solutions, let’s explore Oracle auditing. Capture…

Introduction SQL Server auditing is a large and complex subject with many technology options. We aim to demystify those and help you make educated technology choices, guiding you to a solution that works for you. From capturing data to getting value from it and from a DIY to high-end solutions, let’s explore the world of…

Introduction In today’s data-driven world, privacy and security are more crucial than ever before. Data masking solutions help protect personal, financial, and business-critical information. Selecting the right solution is essential to a successful masking project and effective protection of your sensitive information. Misleading Terminology Many vendors use terms like Anonymization, Pseudonymization, Tokenization, Hashing, Encryption, Reduction,…

Introduction Modern businesses run on data. From customer data to financial information and beyond, databases store plenty of sensitive information. This data enables company operations and drives decision-making. However, this reliance on data exposes organizations to significant risks. Cyberattacks and data breaches can compromise sensitive information, leading to financial loss, regulatory penalties, lawsuits, and irreparable…

Significance Data masking is not a daily task, so why is performance a vital subject to consider? While it’s of minor significance whether a data masking process takes 5 seconds or 5 minutes, it’s critical if it takes five days or will never finish. Impossibly long run times are not unusual and render the product…

The Attack Begins The blip of a new email flashed on Cora’s screen. It was yet another alert from Core Audit, and it wasn’t the first one of the day. But a quick glance at the SQLs and adrenaline jolted her awake. It felt like caffeine was pumping directly into her brain. That is not…