Searchable encryption in Supabase with CipherStash Protect.js
With CipherStash, all your sensitive data is encrypted at the application level before it's stored in your Supabase instance and it remains completely searchable.
CipherStash Blog.
Data protection in Next.js Pages Router with Protect.js and Supabase
As developers, we need to make sure that our applications handle sensitive information securely, especially when dealing with personal information like email addresses and other PII data.
You can certifiably trust us. Read on to find out why you don't need to!
While our shiny new SOC 2 Type 2 badge shows that you can trust us, if you're using CipherStash, you don't actually *need* to trust us — your customers' sensitive data is always secure.
How we used the PostgreSQL wire protocol to bring you searchable encryption
When using CipherStash Proxy, applications can interact with encrypted data in a Postgres database as if it were plaintext. SQL statements are intercepted, parsed, type-checked, and mapped to the configuration specifying the types of encryption to use. In order to make all of this smart magic work to abstract the complexity of searchable encryption, CipherStash Proxy has to handle the nuances of the PostgreSQL wire protocol.
Rewriting SQL on the fly in CipherStash Proxy – part 1
CipherStash Proxy helps teams who need advanced data security controls but don't have the capability or capacity to make changes to their apps. With CipherStash Proxy, developers, devops engineers, and SREs can encrypt their most sensitive data in Postgres databases with zero changes to SQL queries in their apps.
Encryption in use: 3 ways to protect sensitive data in Typescript backends
When building a JavaScript or TypeScript application, few concerns weigh more heavily than the secure handling of sensitive data. Whether you're dealing with personal user information, health records, or simply wanting to follow best practices, implementing data protection is critical.
Adding Protect.js to a Next.js app that uses the Supabase SDK
Let's look at how to add Protect.js to a Next.js app that uses the Supabase SDK and server actions to read and insert encrypted data into a Supabase Postgres instance.
And now… CipherStash Proxy!
CipherStash Proxy keeps your sensitive data in PostgreSQL encrypted and searchable, without changing your SQL queries. This means that you can protect your most sensitive data with strong security controls, without slowing down your dev team.
Introducing Protect.js
Protecting data that’s sensitive — such as personal health or financial information — is crucial to building applications that users trust. But getting access control right is a tricky business. Complex requirements and a plethora of tools, as well as performance considerations, can kill dev team productivity.
Eating your security vegetables – a call for improved cyber hygiene
Exercise, healthy eating, and minimizing alcohol consumption are all preventative measures. We should think of ransomware the same way.
Compliance doesn’t have to be scary
Does the word “compliance” fill you with dread? It doesn’t have to. You probably imagine the time that’s going to be taken away from your important day-to-day work, but as our recent experience at CipherStash shows, there’s another way.
Yay we got SOC 2 for the holidays
Just in time for the end of the year when people are rushing to finish things off, our gift to you is (drumroll please)... SOC 2 compliance!
CipherStash for DynamoDB is generally available
We’re excited to announce general availability of CipherStash for DynamoDB, our cutting-edge solution for client-side data encryption and server-side encrypted search in Amazon DynamoDB.
How can a good developer experience improve your security posture?
Security outcomes are not just delivered by the security team. How can security teams more effectively work with the rest of the business?
Encryption in use with PostgreSQL
Don't just rely on encryption at rest and in transit to protect your sensitive data. Use searchable encryption to enable encryption in use to harden data privacy in Postgres.
Verifying Rust Zeroize with Assembly...including portable SIMD
When writing code that deals with sensitive information like passwords or payment data, it's important to zeroize memory when you're done with it. Failing to do so can leave sensitive in memory even after the program is terminated and even end up on disk when the computer uses swap.
Challenges and Best Practices in Enterprise Data Protection
Large enterprises face especially difficult data protection challenges posed by the scale and diversity of the data they collect and store, the complexity of enterprise organizational structures, the likelihood of facing targeted attacks, and the difficulty in coordinating thousands of employees to move quickly to mitigate risks.
Defining Your Data Governance Strategy for 2024
The effectiveness of your data governance program is determined by how much care and attention you put into the design of its strategy. A well-designed governance strategy sets a sturdy foundation for your framework to click into.
PostgreSQL Security: Best Practices and Tools
This article will introduce to some PostgreSQL best practices you can implement for access and storage security.
Let's talk about the Optus hack
Optus just had Australia's biggest ever data breach. Here's what might have happened and how it could have been prevented.
3 security improvements databases can learn from APIs
It turns out there’s heaps we can learn from API security improvements and apply to databases. Here are the top 3!
Cryptographic Failures is now #2 on the OWASP Top 10
The OWASP Top 10 has recently been updated, and it has recognised Cryptographic Failures as the #2 vulnerability category.
CipherStash founder speaks on AusBiz TV
I spoke to host, Sam Brown about why CipherStash could be a gamechanger for enterprise data security.
Welcome David Wu
We are excited to announce that Dr David Wu, Assistant Professor at the University of Virginia, has joined CipherStash as an official advisor
Why we're building CipherStash
With data breaches continuing to threaten our privacy and data security, are current data protection schemes enough?
Start protecting your data
Get started by creating a free account and choosing your integration path, or get in touch to learn more.