Baffle Architecture

Does Real Queryable Encryption mean there is a Fake Queryable Encryption?

TLDR There is no “fake” queryable encryption, but a certain NoSQL database provider has coined the term “Queryable Encryption”, and Baffle has something to say about that. Background To understand real queryable ...
Engineering-DevOps professional working on monitors

How to Secure Your Data In Snowflake: 8 Areas to Focus On

9 min read Snowflake shines in storage and analytics, yet your success hinges on adhering to security best practices, with workload IAM acting as a crucial ally. The post How to Secure ...
Scrabble TDE

Transparent Data Encryption is Not Enough

Security for an earlier time One of the biggest challenges with security is understanding the threats and how to properly defend against them. Just because the data is encrypted “at-rest” and you ...

Bunnie Huang’s Plausibly Deniable Database

Bunnie Huang has created a Plausibly Deniable Database. Most security schemes facilitate the coercive processes of an attacker because they disclose metadata about the secret data, such as the name and size ...
The Data Lakehouse Post 3 – Catching Up with The Latest Big Data Developments

The Data Lakehouse Post 3 – Catching Up with The Latest Big Data Developments

I recently wrote a post about the concept of the Data Lakehouse, which in some ways, brings components of what I outlined in the first post around my desires for a new ...

Amazon Has Trucks Filled with Hard Drives and an Armed Guard

From an interview with an Amazon Web Services security engineer: So when you use AWS, part of what you’re paying for is security. Right; it’s part of what we sell. Let’s say ...
Old Story: Leaked Voter Records

Old Story: Leaked Voter Records

My previous posting on the Proud Boys spam email speculated that voter records were widely available for such purposes. Here’s a story from 2017 reporting that voter data for about 198 million ...
web application DataSecOps

DataSecOps: Protecting Data in the Cloud

DataSecOps melds an automated mechanism to manage data, along with security, in an effective operations setup Data is the backbone of any organization. It’s what makes the company run. It is also ...
Security Boulevard

Ramsey Malware

A new malware, called Ramsey, can jump air gaps: ESET said they've been able to track down three different versions of the Ramsay malware, one compiled in September 2019 (Ramsay v1), and ...

Wrapper’s Delight

During my summer at Trail of Bits, I took full advantage of the latest C++ language features to build a new SQLite wrapper from scratch that is easy to use, lightweight, high ...

Application Security Check Up