Introducing Crunchy Data Warehouse: A next-generation Postgres-native data warehouse. Crunchy Data Warehouse Learn more
Jonathan S. Katz
Jonathan S. Katz
The PostgreSQL Global Development Group provided an out-of-cycle update release for all supported to provide a fix for the CVE-2019-10164 vulnerability. This vulnerability only affects people running PostgreSQL 10, 11 or the 12 beta, and it is effectively remediated by simply upgrading all of your PostgreSQL installations to the latest versions. What follows is some more insight about what this vulnerability is, the impact it can have in your environment, how to ensure you have patched all of...
Read MoreDouglas Hunley
Douglas Hunley
Crunchy Data has recently announced an update to the CIS PostgreSQL Benchmark by the Center for Internet Security , a nonprofit organization that provides publications around standards and best practices for securing technologies systems. This newly published CIS PostgreSQL 10 Benchmark joins the existing CIS Benchmarks for PostgreSQL 9.5 and 9.6 while continuing to build upon Crunchy Data's efforts with the PostgreSQL Security Technical Implementation Guide (PostgreSQL STIG ). As mention...
Read MoreJonathan S. Katz
Jonathan S. Katz
Crunchy Data recently announced the publication of the CIS PostgreSQL Benchmark by the Center for Internet Security , a nonprofit organization that provides publications around standards and best practices for securing technologies systems. This CIS PostgreSQL Benchmark builds on earlier work that Crunchy started when it helped to publish the PostgreSQL Security Technical Implementation Guide ( PostgreSQL STIG ) and provides guidance and steps to help secure your PostgreSQL databases. A CIS...
Read MoreJonathan S. Katz
Jonathan S. Katz
On March 1, 2018, the PostgreSQL community released version 10.3 and other supported versions of PostgreSQL. The release centered around a disclosed security vulnerability designated CVE-2018-1058, which is related to how a user can accidentally or maliciously "create like-named objects in different schemas that can change the behavior of other users' queries." The PostgreSQL community released a guide around what exactly CVE-2018-1058 is and how to protect your databases. However, we thoug...
Read MoreJonathan S. Katz
Jonathan S. Katz
Row Level Security , aka " RLS ," allows a database administrator to define if a user should be able to view or manipulate specific rows of data within a table according to a policy . Introduced in PostgreSQL 9.5 , row level security added another layer of security for PostgreSQL users who have additional security and compliance considerations for their applications. At Crunchy Data, we care a lot about data security and supporting PostgreSQL. When we discovered an issue with creating a larg...
Read MoreJoe Conway
Joe Conway
Crunchy Data recently announced the publication of the PostgreSQL Security Technical Implementation Guide ( STIG ) by the United States Defense Information Systems Agency ( DISA ), making PostgreSQL the first open source database to provide a published STIG. While the STIG was authored for the benefit of the U.S. Government, the DISA PostgreSQL STIG offers security-conscious enterprises a comprehensive guide for the configuration and operation of open source PostgreSQL. Enterprises can ref...
Read MoreCrunchy
Crunchy
Charleston, SC and Washington, DC - Crunchy Data Solutions, Inc. (Crunchy), a provider of enterprise PostgreSQL support, technology and training, today announced the release of Crunchy MLS PostgreSQL, an open source database distribution supporting multi-level security. Crunchy MLS PostgreSQL was developed to support the relational database requirements of the U.S. Government’s Centralized Super Computer Facility. Crunchy is proud to be a part of the Multi-Level Security Ecosystem that includes...
Read MoreCrunchy
Crunchy
Amid the well-deserved hype around the impact of cloud technology and big data analytics, it is possible that casual industry watchers may have missed the real story behind the recent wave of IT re-architecting. Enabling many of these recent, powerful trends is a newly validated embrace of open source software technology. The movement to OSS solutions is empowering system designers and solution architects to re-examine methodologies that evolved out of the legacy proprietary, closed source softw...
Read More