5 Mar 2019

How We Built an SQL Firewall — AcraCensor

Preventing SQL injections is troublesome: WAF is easy to bypass and a good SQL firewall is hard to find. We ended up building our own open source SQL firewall.This is how we did it.

Read more...


13 Feb 2019

Preventing SQL Injections When WAF’s Not Enough

Using SQL firewall to protect database against SQL injections at scale as compared to WAF.

Read more...


22 Jan 2019

On Blockchain and GDPR

Blockchain solves several technical challenges. Sadly, while it can be helpful, using it won't make your product automatically secure or GDPR-complaint.

Read more...


31 Dec 2018

Looking Back at 2018 — A Year in Retrospect

Seven releases of Acra, Customer Success Program and security training services, a whole new Docserver, conference talks all over the world, and much more.

Read more...


20 Dec 2018

Thank You for Contributing and Using Themis in 2018

We are extremely grateful to our open-source contributors and for the feedback from select users and want to recognize and celebrate their input in 2018!

Read more...


27 Nov 2018

Hiring External Security Team: What You Need to Know

Contrary to popular opinion, security consulting is not limited to pentests and compliance audits. In this article, we’ve outlined the 4 main security-related business risks and charted out the way to help you choose the consulting type that best suits your business.

Read more...


22 Nov 2018

How to Implement Tracing in a Modern Distributed Application

A battle-tested explanation of why tracing is a very useful technique you can benefit from in your projects. A story from the trenches of implementing distributed tracing in our Acra data security suite.

Read more...


15 Nov 2018

What Do We Really Need to Encrypt. Cheatsheet

What data is sensitive and needs to be encrypted according to the modern data privacy regulations like GDPR, HIPAA, FFIEC, etc.? This is a cheat sheet and an explanation of how we approach answering these questions.

Read more...


9 Nov 2018

ACRA 0.84.0 NEW HORIZONS

The release of Acra version 0.84.0 marks the new frontier for the data security suite.

Read more...


28 Sep 2018

ACRA 0.83.0 RELEASE

Key rotation made easy — if client application is compromised, the new AcraRotate utility lets you update storage keys and re-encrypt the data. SQL filtering got more flexible with new 6 patterns (including SUBQUERY and LIST_OF_VALUES), allowing you to set up accepted queries very carefully and block malicious requests. Read the full post for more details on how Acra 0.83.0 helps protecting your databases.

Read more...

All posts

Previous Previous