Category: Security

GDPR: Businesses must focus on digital transformation, not just tick-box compliance

The General Data Protection Regulation (GDPR) is now a matter of months away.  Vendors of all shapes and sizes are ramping up their GDPR scare stories (e.g. the potential fines) to trigger a response from businesses. Couchbase is taking a...

/ February 6, 2018

Speculative Execution Processor Vulnerabilities – Performance Impact Analysis

Last week, we published a blog with recommendation on securing Couchbase data platform in response to industry-wide security vulnerabilities. We continued to analyze the potential performance impact caused by the patched OS binaries and this blog post captures the detailed evaluation. As...

Speculative Execution Processor Vulnerabilities – ‘Meltdown and Spectre’: What you need to know

On Jan 3, 2018, Google’s Project Zero team along with several other university researchers identified several security issues with speculative execution, an optimization technique used in microprocessors to improve performance. Couchbase is aware of the recently disclosed class of processor/OS...

TLS

Certificate Pinning in Android with Couchbase Mobile

Couchbase Mobile 2.0 supports certificate pinning on all Couchbase mobile platforms. Certificate pinning is a technique used by applications to “pin” a host to it’s certificate/public key. Communication between Couchbase Lite and Sync Gateway is encryped and secured using SSL/TLS....

Announcing Couchbase Server 5.0

Couchbase Server 5.0 is here!!! I am thrilled to announce the availability of this major release. Couchbase Server 5.0 is the latest release of the most powerful NoSQL technology. Couchbase Server, the foundation of the Couchbase Data Platform, allows enterprises...

CURL Comes to N1QL: Querying External JSON Data

JSON is a helpful way to transmit data. Now, N1QL can query it thanks to a CURL update in Couchbase 5.0. See how to connect to various endpoints to do just that. N1QL has many functions that allow you to...

/ October 6, 2017

Putting a Zipper on the Back of the Hospital Gown

Last week, security firm Appthority published a report titled HospitalGown: The Backend Exposure Putting Enterprise Data at Risk, which highlighted newly-discovered vulnerabilities between mobile apps and insecure backend databases containing enterprise data. The vulnerability is caused not by code in...

Authentication and authorization

Authentication and Authorization with RBAC in .NET

Authentication and authorization are vastly improved in Couchbase Server 5.0. We’ve been blogging about the new RBAC features in the developer preview for a while. Authentication and Authorization with RBAC – introduction / part 1 Authentication and Authorization with RBAC...

Improved SDK Authentication Methods – Couchbase 5.0

Couchbase Server 5.0 delivers some great new authentication features that require some minor changes to your client connection code.  The specific changes to the SDK are outlined in this post and also refer to changes made in the pre-release April Developer Build as...

/ May 1, 2017
Authentication and authorization

Authorization & Authentication with RBAC (Part 2)

Authorization and authentication are important to Couchbase. In March, I blogged about some of the new Role Based Access Control (RBAC) that we are showing in the Couchbase Server 5.0 Developer Builds. This month, I’d like to go into a...