Author: Eyal Kalderon

Introduction Oracle auditing is a large, complex, and confusing subject with many technology options. We aim to demystify those and help you make educated technology choices, guiding you to a solution that works for you. From capturing data to getting value from it and from a DIY to high-end solutions, let’s explore Oracle auditing. Capture…

Introduction SQL Server auditing is a large and complex subject with many technology options. We aim to demystify those and help you make educated technology choices, guiding you to a solution that works for you. From capturing data to getting value from it and from a DIY to high-end solutions, let’s explore the world of…

Introduction In today’s data-driven world, privacy and security are more crucial than ever before. Data masking solutions help protect personal, financial, and business-critical information. Selecting the right solution is essential to a successful masking project and effective protection of your sensitive information. Misleading Terminology Many vendors use terms like Anonymization, Pseudonymization, Tokenization, Hashing, Encryption, Reduction,…

Introduction Modern businesses run on data. From customer data to financial information and beyond, databases store plenty of sensitive information. This data enables company operations and drives decision-making. However, this reliance on data exposes organizations to significant risks. Cyberattacks and data breaches can compromise sensitive information, leading to financial loss, regulatory penalties, lawsuits, and irreparable…

Significance Data masking is not a daily task, so why is performance a vital subject to consider? While it’s of minor significance whether a data masking process takes 5 seconds or 5 minutes, it’s critical if it takes five days or will never finish. Impossibly long run times are not unusual and render the product…

The Attack Begins The blip of a new email flashed on Cora’s screen. It was yet another alert from Core Audit, and it wasn’t the first one of the day. But a quick glance at the SQLs and adrenaline jolted her awake. It felt like caffeine was pumping directly into her brain. That is not…

We previously discussed data-centric security and the need for airtight defenses. Using IDS and IPS is a first step in that direction, but let’s take things further by creating overlapping controls that will tighten security much more. The risk-control matrix is at the core of security planning. The matrix maps our risks to the controls…

We previously discussed data-centric defenses as the critical last line of defense. As such, one of our requirements is to try and make it as airtight as possible. That’s not a minor or trivial requirement. In this article, we’ll discuss how we can get there. There are two concepts we’ll need to discuss: False negatives…

We often think of cybersecurity as made up of silos. There’s network security, training, physical security, email security, etc. Each silo usually includes multiple solutions. For example, network security includes firewalls, routers, VLANs, and similar measures that are not necessarily directly related. The problem with any issue comprised of many unrelated components is that it’s…