database security

Cossack Labs Blog

20 Nov 2019

What Should You Drop When You Lift and Shift

When moving to cloud, your threat model changes. Learn how to reallocate your security efforts effectively.

Read more...


23 Jul 2019

Secure Search Over Encrypted Data

What is searchable encryption and what are the tools that allow performing secure search over encrypted data. A brief overview.

Read more...


16 Apr 2019

Acra on DigitalOcean Marketplace

Acra encryption suite is now available as 1-Click App running in a Droplet on DigitalOcean Marketplace.

Read more...


4 Apr 2019

Building Defence in Depth for Your Data Using Acra

How to protect the data in your app infrastructure using the defence in depth approach, explained on the example of Acra encryption suite.

Read more...


5 Mar 2019

How We Built an SQL Firewall — AcraCensor

Preventing SQL injections is troublesome: WAF is easy to bypass and a good SQL firewall is hard to find. We ended up building our own open source SQL firewall.This is how we did it.

Read more...


13 Feb 2019

Preventing SQL Injections When WAF’s Not Enough

Using SQL firewall to protect database against SQL injections at scale as compared to WAF.

Read more...


15 Nov 2018

What Do We Really Need to Encrypt. Cheatsheet

What data is sensitive and needs to be encrypted according to the modern data privacy regulations like GDPR, HIPAA, FFIEC, etc.? This is a cheat sheet and an explanation of how we approach answering these questions.

Read more...


20 Sep 2018

GDPR for Engineers: Implementing Rights and Security Demands

Mapping data privacy regulation to changes in database structure, updates in DevOps practices, backups, and restricted processing. A methodical developer’s perspective.

Read more...


16 Aug 2018

Poison Records in Acra – Database Honeypots for Intrusion Detection

How we detect massive data leaks and firewall exfiltration in Acra.

Read more...


21 Dec 2016

Themis database modules

In an ongoing effort to make Themis functions available anywhere we (and potential users) might need them, we're starting to release Themis wrappers for popular databases. This post outlines the first two - for Redis and PostgreSQL databases.

Read more...

All posts

Previous Previous