Application Security //

Database Security

6/9/2015
02:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Dataguise Introduces Big Data Security Suite for On-Premise and Cloud Deployments

Company Delivers DgSecure 5.0 to Provide Insight and Access to Different Sensitive Data Classifications

FREMONT, Calif. — June 9, 2015 — Dataguise, the leading provider of data-centric discovery and data protection for Hadoop and other Big Data environments, today announced the release of DgSecure™ version 5.0. The latest generation DgSecure platform allows businesses to scale sensitive data discovery, automate data protection, and achieve a 360-degree view of their sensitive data assets across Big Data and traditional data repositories both on-premise and in popular cloud platforms.

DgSecure version 5.0 includes significant enhancements, including the addition of industry-first security access monitoring and entitlement functionality which allows administrators to define and audit sensitive data interactions. By combining sensitive data discovery with integrated Access Control List (ACL) permissions as defined in Apache Sentry, Apache Ranger or MapR’s ACLs, enterprises can see complete sensitive data access and entitlement within Hadoop. This provides information about the status of sensitive data with greater control over which users can view the information. This is the first solution to allow security personnel insight into which users are entitled to access different classifications of sensitive data.

“While enterprises today seek to unlock the potential of Big Data for their organizations, many have serious concerns around lack of visibility and security,” said Nik Rouda, senior analyst, Enterprise Strategy Group. “The complexity and scale of these environments demands an end-to-end data-centric security and compliance option that identifies where sensitive data is located, who has access to it, and the means to lock it down - all without impacting performance. ESG research shows security, privacy, and governance are top level issues for any Big Data deployment.”

Version 5.0 enhancements include:

•             Ability to run virtually in the cloud to support Hadoop operations, including Big Data repositories in AWS, Amazon EMR, Azure, and HD Insight

•             Enhanced automation features through Oozie support to facilitate full job scheduling and automation of discovery and protection via security workflow scripting/command line interfaces

•             Automated cell-level encryption (AES and FPE) capabilities for Flume, Sqoop, and HIVE API

•             Multi-cluster support from a single integrated dashboard with certified integrations for Cloudera, Hortonworks, MapR, and Pivotal HD

•             Most advanced native and HIVE API support for Hadoop file formats RC, ORC, AVRO, Sequence, TXT, JSON and XML

•             Advanced encryption key management and integration with Safenet, RSA and Thales, featuring industry-standard Key Management Interface Protocol (KMIP) support

•             Automatic discovery upon importing new data

“With DgSecure version 5, our joint customers gain enhanced granular, and precise control of sensitive data by combining DgSecure with Cloudera’s industry leading data governance and security capabilities. The new discovery and entitlement features will make it even easier for businesses to define and enforce remediation policies in support of customer initiatives,” said Tim Stevens, vice president, business and corporate development at Cloudera.

“With a data-centric approach for protecting large data sets, Dataguise provides a rigorous model of defense for secure, monitored access to data without undue complexity or performance barriers,” said Steve Wooledge, vice president product marketing, MapR Technologies. “This approach is aligned with the MapR strategy and capabilities for securing and governing data in business-critical Hadoop deployments. We are pleased to work with Dataguise to ensure security and compliance with industry-leading innovations for Hadoop and NoSQL.”

“DgSecure 5.0 extends a first-in-market footprint for security access monitoring and entitlement,” said Manmeet Singh, CEO of Dataguise. “This purpose-built data-centric security solution for Hadoop and NoSQL provides organizations with unique sensitive data discovery capabilities, allowing users to locate, identify, and manage sensitive data in large datasets, and then apply dynamic, high performance data protection based on user permissions. With our latest release, compliance and security professionals can rest assured that their sensitive data is optimally protected.”

 DgSecure is a data-centric solution that provides organizations with unique sensitive data discovery capabilities, allowing users to locate, identify and manage sensitive data within large datasets, and then apply dynamic, high performance data protection based on user permissions. The discovery and security solution’s capabilities mitigate the risk of a data breach by providing extensive reporting and auditing services, allowing enterprises for the first time to see who is adding, accessing, and attempting to access sensitive data. DgSecure is the first solution of its kind to discover all sensitive data residing in or being written to Hadoop and NoSQL repositories, protecting this data against unauthorized access. The DgSecure platform now supports Hadoop-in-the-Cloud, including the largest cloud Hadoop implementation, Amazon EMR (Elastic MapReduce). Already a certified partner of Cloudera, Hortonworks and MapR, Dataguise is the only vendor to support one hundred percent of the major Hadoop distributions along with Hadoop-in-the-Cloud, traditional databases, files and SharePoint.

•             Follow Dataguise on Twitter at: http://twitter.com/dataguise

•             Follow Dataguise on LinkedIn at: http://www.linkedin.com/company/dataguise

•             Contact Dataguise directly at: http://dataguise.com/?q=inquiries

About Dataguise

Dataguise is the leading provider of data privacy protection and compliance intelligence for sensitive data assets stored in both Big Data and traditional repositories. The company’s comprehensive and centrally managed solutions allow companies to maintain a 360 degree view of their sensitive data, evaluate their compliance exposure risks, and enforce the most appropriate remediation policies, whether the data is stored on premises or in the cloud. Dataguise is recognized as a visionary by one of the world’s leading analyst firms for its ability to help its customers to reduce the risk of data breaches and to remain compliant with leading regulations designed to protect personally identifiable information (PII) such as the Health Insurance Portability and Accountability Act (HIPAA), The Health Information Technology for Economic and Clinical Health (HITECH), and the Payment Card Industry (PCI) DSS. For more information visit: http://dataguise.com/.

 

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1067
PUBLISHED: 2018-05-21
In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the fix for CVE-2016-4993 was incomplete and Undertow web server is vulnerable to the injection of arbitrary HTTP headers, and also response splitting, due to insufficient sanitization and validation of user input before the input is ...
CVE-2018-7268
PUBLISHED: 2018-05-21
MagniComp SysInfo before 10-H81, as shipped with BMC BladeLogic Automation and other products, contains an information exposure vulnerability in which a local unprivileged user is able to read any root (uid 0) owned file on the system, regardless of the file permissions. Confidential information suc...
CVE-2018-11092
PUBLISHED: 2018-05-21
An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF allows an attacker to remotely delete all admin notes via an admin/index.php?empty=table (aka Clear Table) action.
CVE-2018-11096
PUBLISHED: 2018-05-21
Horse Market Sell & Rent Portal Script 1.5.7 has a CSRF vulnerability through which an attacker can change all of the target's account information remotely.
CVE-2018-11320
PUBLISHED: 2018-05-21
In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target do not have sensitive values obfuscated in the deployment logs.