Scylla Blog

Stay up to date with recent news and updates on our Users Blog, and get under the hood on our Developers Blog.

Posts with tag "Security"


FireEye: Providing Real-Time Threat Analysis using a Graph Database

FireEye is a NASDAQ-traded cybersecurity firm that offers a broad portfolio ranging from a robust enterprise threat intelligence platform, hardware appliances to managed defenses and security consulting. Its customers span the gamut from global telecommunications giants to healthcare providers, universities to research facilities, financial institutions to school systems, municipalities, states, and government ministries. In such an environment, where being wrong only once can lead to damaging and even dangerous breaches, security analytics must keep up with the velocity and volume of the threats faced at Internet scale. At Scylla Summit 2019, Rahul Gaikwad and Krishna Palati of the FireEye Threat […]

Read full article


How to Combat Data Breaches Before They Happen: Scylla’s Native Security

Combat Data Breaches

To take advantage of new security features and bug fixes, you need to stay up-to-date with the latest software. Before you do anything else, update your cluster with latest version of Scylla. Also take the time to ensure that  your operating system and libraries are up-to-date as well.

Read full article


Encryption at Rest in Scylla Enterprise

Encryption at Rest

What if your servers themselves are compromised? This is where data at rest encryption comes into play. Data at rest secures the information persisted in a computer, such as on an SSD or HDD volume.

Read full article


The ZombieLoad Pragmatist: Tips for Surviving in a Post-Meltdown World

ZombieLoad Survival Guide

Security-conscientious developers and infrastructure maintainers can protect against side-channel attacks by minimizing the amount of shared infrastructure. This means VMs and Container infrastructure. This was always a theoretical concern, but the new flaws catapult this front and center to the main stage.

Read full article


Veramine Turns to Scylla to Manage Big Data for Enterprise Cybersecurity


Veramine CEO Jonathan Ness makes the case for Scylla over other SQL and NoSQL solutions, including PostgreSQL and Casssandra for real-time cybersecurity.

Read full article


Role-based Access Control in Scylla


The next open-source release (version 2.2) of Scylla will include support for role-based access control. This feature was introduced in version 2.2 of Apache Cassandra. This post starts with an overview of the access control system in Scylla and some of the motivation for augmenting it with roles. We’ll explain what roles are and show an example of their use. Finally, we’ll cover how Scylla transitions existing access-control data to the new roles-based system when you upgrade a cluster. Access Control in Scylla There are two aspects of access control in Scylla: controlling client connections to a Scylla node (authentication), […]

Read full article


Equifax and ‘if it works, don’t touch it’

Learning from the Equifax breach I guess it should come as no surprise that the Equifax breach could have been prevented. This time it was Equifax but next time it could be you. While it’s fun to see someone else take the hit, the heat, and watch people mock the CIO’s education:

Read full article


Making sure your Scylla cluster is secure

What’s the problem? Recently several NoSQL database clusters were targeted by hacker attacks. According to a report, the first known occurrences affected MongoDB, but soon after ElasticSearch clusters, Hadoop servers and CouchDB databases were affected as well. Is it relevant for the security of ScyllaDB installations? Heck yeah! In order to prevent an attack on your Scylla installation, proper configuration is critical from the get go.

Read full article

Subscribe to Our Blog