Author: Eyal Kalderon

1. Why mask? Because we can’t protect the data outside of production: Imagine copying customer data for testing. How could you protect it after copying it? Without data masking, you will expose all names, addresses, phone numbers, emails, financial information, and more. Static masking replaces these values with good fakes so you can test without jeopardizing…

Recent polls of cybersecurity professionals show most respondents (82%) have partial or no visibility into their databases and need it. Few said they have good visibility (7%) or don’t need it (11%). The surveys were conducted in various LinkedIn groups in English and Spanish, asking: “Do you have visibility into what’s happening within your database?”.…

Anomaly analysis uses behavioral analysis, helping you save time while expanding your control to vast activity volumes. These capabilities are made possible by the unique security repository technology in Core Audit. The anomaly analysis engine dynamically creates behavioral profiles based on the activity captured by the security repository, allowing you to compare the present with…

One of the popular myths about security is that you can get it out of the box. Just install something, and voila! You’re magically secured. But that never works. Regardless of what you’re trying to secure, your first step should always be understanding the activity. You should know how the system is used, by whom,…

Many organizations design their cybersecurity strategy and decide what solutions to purchase based on industry trends and best practices. The outcome is often imbalanced and inappropriate to the organization’s risk profile and security needs. Best-practice implementations are usually one-size-fits-all and not tailored to the specific environment. Being predictable, there are usually tools and guides on…

This is a true story of a SQL injection attack on our website. Learn about the attack and why the Core Audit anomaly analysis database defense is the most effective way to combat this type of threat. Introduction We got an alert two days before New Year’s. It was shortly after midnight on December 30,…

On Sunday morning, we got an anomaly alert. It was March 19, 2023. This story is about what happened. Background The Blue Core Research website uses WordPress (a free and open-source content management system). WordPress usually uses MySQL as a backend database, and our installation is no different. While our WordPress doesn’t contain sensitive data,…