Application Security //

Database Security

6/9/2015
02:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Dataguise Introduces Big Data Security Suite for On-Premise and Cloud Deployments

Company Delivers DgSecure 5.0 to Provide Insight and Access to Different Sensitive Data Classifications

FREMONT, Calif. — June 9, 2015 — Dataguise, the leading provider of data-centric discovery and data protection for Hadoop and other Big Data environments, today announced the release of DgSecure™ version 5.0. The latest generation DgSecure platform allows businesses to scale sensitive data discovery, automate data protection, and achieve a 360-degree view of their sensitive data assets across Big Data and traditional data repositories both on-premise and in popular cloud platforms.

DgSecure version 5.0 includes significant enhancements, including the addition of industry-first security access monitoring and entitlement functionality which allows administrators to define and audit sensitive data interactions. By combining sensitive data discovery with integrated Access Control List (ACL) permissions as defined in Apache Sentry, Apache Ranger or MapR’s ACLs, enterprises can see complete sensitive data access and entitlement within Hadoop. This provides information about the status of sensitive data with greater control over which users can view the information. This is the first solution to allow security personnel insight into which users are entitled to access different classifications of sensitive data.

“While enterprises today seek to unlock the potential of Big Data for their organizations, many have serious concerns around lack of visibility and security,” said Nik Rouda, senior analyst, Enterprise Strategy Group. “The complexity and scale of these environments demands an end-to-end data-centric security and compliance option that identifies where sensitive data is located, who has access to it, and the means to lock it down - all without impacting performance. ESG research shows security, privacy, and governance are top level issues for any Big Data deployment.”

Version 5.0 enhancements include:

•             Ability to run virtually in the cloud to support Hadoop operations, including Big Data repositories in AWS, Amazon EMR, Azure, and HD Insight

•             Enhanced automation features through Oozie support to facilitate full job scheduling and automation of discovery and protection via security workflow scripting/command line interfaces

•             Automated cell-level encryption (AES and FPE) capabilities for Flume, Sqoop, and HIVE API

•             Multi-cluster support from a single integrated dashboard with certified integrations for Cloudera, Hortonworks, MapR, and Pivotal HD

•             Most advanced native and HIVE API support for Hadoop file formats RC, ORC, AVRO, Sequence, TXT, JSON and XML

•             Advanced encryption key management and integration with Safenet, RSA and Thales, featuring industry-standard Key Management Interface Protocol (KMIP) support

•             Automatic discovery upon importing new data

“With DgSecure version 5, our joint customers gain enhanced granular, and precise control of sensitive data by combining DgSecure with Cloudera’s industry leading data governance and security capabilities. The new discovery and entitlement features will make it even easier for businesses to define and enforce remediation policies in support of customer initiatives,” said Tim Stevens, vice president, business and corporate development at Cloudera.

“With a data-centric approach for protecting large data sets, Dataguise provides a rigorous model of defense for secure, monitored access to data without undue complexity or performance barriers,” said Steve Wooledge, vice president product marketing, MapR Technologies. “This approach is aligned with the MapR strategy and capabilities for securing and governing data in business-critical Hadoop deployments. We are pleased to work with Dataguise to ensure security and compliance with industry-leading innovations for Hadoop and NoSQL.”

“DgSecure 5.0 extends a first-in-market footprint for security access monitoring and entitlement,” said Manmeet Singh, CEO of Dataguise. “This purpose-built data-centric security solution for Hadoop and NoSQL provides organizations with unique sensitive data discovery capabilities, allowing users to locate, identify, and manage sensitive data in large datasets, and then apply dynamic, high performance data protection based on user permissions. With our latest release, compliance and security professionals can rest assured that their sensitive data is optimally protected.”

 DgSecure is a data-centric solution that provides organizations with unique sensitive data discovery capabilities, allowing users to locate, identify and manage sensitive data within large datasets, and then apply dynamic, high performance data protection based on user permissions. The discovery and security solution’s capabilities mitigate the risk of a data breach by providing extensive reporting and auditing services, allowing enterprises for the first time to see who is adding, accessing, and attempting to access sensitive data. DgSecure is the first solution of its kind to discover all sensitive data residing in or being written to Hadoop and NoSQL repositories, protecting this data against unauthorized access. The DgSecure platform now supports Hadoop-in-the-Cloud, including the largest cloud Hadoop implementation, Amazon EMR (Elastic MapReduce). Already a certified partner of Cloudera, Hortonworks and MapR, Dataguise is the only vendor to support one hundred percent of the major Hadoop distributions along with Hadoop-in-the-Cloud, traditional databases, files and SharePoint.

•             Follow Dataguise on Twitter at: http://twitter.com/dataguise

•             Follow Dataguise on LinkedIn at: http://www.linkedin.com/company/dataguise

•             Contact Dataguise directly at: http://dataguise.com/?q=inquiries

About Dataguise

Dataguise is the leading provider of data privacy protection and compliance intelligence for sensitive data assets stored in both Big Data and traditional repositories. The company’s comprehensive and centrally managed solutions allow companies to maintain a 360 degree view of their sensitive data, evaluate their compliance exposure risks, and enforce the most appropriate remediation policies, whether the data is stored on premises or in the cloud. Dataguise is recognized as a visionary by one of the world’s leading analyst firms for its ability to help its customers to reduce the risk of data breaches and to remain compliant with leading regulations designed to protect personally identifiable information (PII) such as the Health Insurance Portability and Accountability Act (HIPAA), The Health Information Technology for Economic and Clinical Health (HITECH), and the Payment Card Industry (PCI) DSS. For more information visit: http://dataguise.com/.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Gee, these virtual reality goggles work great!!! 
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.