To take advantage of new security features and bug fixes, you need to stay up-to-date with the latest software. Before you do anything else, update your cluster with latest version of Scylla. Also take the time to ensure that your operating system and libraries are up-to-date as well.
What if your servers themselves are compromised? This is where data at rest encryption comes into play. Data at rest secures the information persisted in a computer, such as on an SSD or HDD volume.
Security-conscientious developers and infrastructure maintainers can protect against side-channel attacks by minimizing the amount of shared infrastructure. This means VMs and Container infrastructure. This was always a theoretical concern, but the new flaws catapult this front and center to the main stage.
Veramine CEO Jonathan Ness makes the case for Scylla over other SQL and NoSQL solutions, including PostgreSQL and Casssandra for real-time cybersecurity.
The next open-source release (version 2.2) of Scylla will include support for role-based access control. This feature was introduced in version 2.2 of Apache Cassandra. This post starts with an overview of the access control system in Scylla and some of the motivation for augmenting it with roles. We’ll explain what roles are and show an example of their use. Finally, we’ll cover how Scylla transitions existing access-control data to the new roles-based system when you upgrade a cluster. Access Control in Scylla There are two aspects of access control in Scylla: controlling client connections to a Scylla node (authentication), […]
Learning from the Equifax breach I guess it should come as no surprise that the Equifax breach could have been prevented. This time it was Equifax but next time it could be you. While it’s fun to see someone else take the hit, the heat, and watch people mock the CIO’s education:
What’s the problem? Recently several NoSQL database clusters were targeted by hacker attacks. According to a report, the first known occurrences affected MongoDB, but soon after ElasticSearch clusters, Hadoop servers and CouchDB databases were affected as well. Is it relevant for the security of ScyllaDB installations? Heck yeah! In order to prevent an attack on your Scylla installation, proper configuration is critical from the get go.