Category: Security

Introducing Role-Based Access Control in Couchbase Server 4.5

Over the years, it has been drilled into me to use “Least Privilege” access whenever and however possible. This specially applies to administrators – they manage important IT infrastructure components like NoSQL databases, and have the liberty to use all...

Introducing Couchbase Server 4.6.0 Developer Preview

Today, we’re very excited to announce the availability of Couchbase Server 4.6.0 DP. This is an early developer release that comes with some exciting capabilities for cross datacenter replication, security, query, tools, and powerful full text search capability. The Developer...

Skipping default bucket creation

Some days ago I made the following search: “databases unprotected”. It is really incredible the number of databases deployed without authentication. Most of them are just test databases published on the internet, but others are exposing sensitive data. (Image Licensed through...

Configuring IPsec for a Couchbase Cluster

Introduction Some Couchbase deployments require secure communications between nodes across the network, this could be due to reasons like data governance policies or regulatory compliance.  Internet Protocol Security (IPsec) is a protocol suite for secure Internet Protocol (IP) communications by...

Protect Your Data while Migrating from RDBMS to NoSQL

Note: this is a guest post by Michael Rothschild of Vormetric.   The only constant in life is change, and those of us in technology know this to be true. Technologies that were experiments just five years ago are now...

Securing Couchbase Server using Let’s Encrypt x.509 Certificates

Summary Securing data and access to data for application data is an important step in securing your environment for client applications and database protection in any sized environment. One of the simplest methods to secure data is the access path...

Watching SCRAM authentication in Java

SCRAM authentication is one of the new features in version 4.5. Check this blog entry for an introduction on SCRAM in Couchbase. In this article we will cover how to monitor SCRAM handshake from Java. First, you do not have...

/ May 27, 2016

Containers, Security, Double Dipping

One of the common misconception about containers is that they act as light VMs. Which would make you think they are perfectly isolated. It's not true. While they all give you some level of isolation, they all share a common...

Improved security in Couchbase 4.5: SCRAM-SHA

Security is important to us, here at Couchbase. I'd like to draw your attention to a new security feature in Couchbase 4.5 that might otherwise go unnoticed: SCRAM-SHA (pronounced like 'scram-shaw').     (Scram Image Licensed through Create Commons via...

Anti-Virus False Alarms and Couchbase

Anti-virus software can sometimes cause major headaches for developers trying to play with a new technology. Over time, we heard about many ways anti-virus software can interfere with Couchbase. This blog explains the commonly seen issues, the precautionary steps that...