Security

July 10, 2024

Discover the Yugabyte Private Bug Bounty Program on HackerOne

As part of our commitment to maintaining the highest security standards and ensuring the integrity of our customers’ data, Yugabyte has partnered with HackerOne, the leading platform for security vulnerability coordination and bug bounty.

We are inviting a select group of ethical hackers to conduct real-time penetration testing on YugabyteDB Aeon, our PostgreSQL-compatible managed cloud DBaaS. Read our blog to discover how you can get involved.

Announcing PCI DSS Level 1 Compliance for YugabyteDB

March 14, 2024

By Michael Haag

Security

Announcing PCI DSS Level 1 Compliance for YugabyteDB

YugabyteDB achieved PCI DSS Level 1 compliance, the highest assurance level, for our fully-managed DBaaS offering. This affirms our commitment to securing highly sensitive data while delivering strong performance. An independent Qualified Security Assessor validated YugabyteDB’s compliance with PCI DSS requirements.

Announcing Enhanced Identity Security with Okta and PingOne Single Sign-On Integrations

February 22, 2024

By Michael Haag and Shreyas Agnihotri

Release Announcements

Announcing Enhanced Identity Security with Okta and PingOne Single Sign-On Integrations

YugabyteDB Managed now supports Okta and PingOne for single sign-on (SSO), offering users enhanced identity security and the flexibility to select their preferred authentication method. This update not only simplifies user access and management but also introduces key features and benefits aimed at boosting security, convenience, and scalability for organizations.

Elevate Your Cybersecurity Game With the CIS Benchmark for YugabyteDB

January 31, 2024

By Sergey Stelmakh

Security

Elevate Your Cybersecurity Game With the CIS Benchmark for YugabyteDB

Announcing the CIS Benchmark for YugabyteDB. Our latest blog explains how this benchmark elevates data security and aids businesses, particularly those in regulated sectors like finance and healthcare, in achieving stringent compliance standards.

Securing YugabyteDB: Evaluating and Selecting the Right Security Tool

January 18, 2024

By Bharat Kumar Mukheja

Security

Securing YugabyteDB: Evaluating and Selecting the Right Security Tool

In this second installment of our blog series on creating a secure DBaaS, we delve into the evaluation and selection of Wazuh, a self-hosted open-source SIEM/SOAR solution. We detail the its deployment within YugabyteDB’s infrastructure, including its integration into our production database nodes and how it captures data from various cloud service providers for comprehensive security monitoring.

Securing YugabyteDB: The SIEM/SOAR Quest

January 16, 2024

By Bharat Kumar Mukheja

Security

Securing YugabyteDB: The SIEM/SOAR Quest

At Yugabyte, we embarked on securing our fully managed DBaaS by evaluating and implementing the right SIEM/SOAR solutions. This 1st blog of a series details the first part of our journey, from outlining requirements to the challenges of finding the right SEIM tool.

YugabyteDB Managed on Azure: A New Era of Security and Scalability Capabilities

December 28, 2023

By Premika Srinivasan

Cloud Providers

YugabyteDB Managed on Azure: A New Era of Security and Scalability Capabilities

YugabyteDB Managed enhances its Azure offering with new security features like encryption at rest using Customer Managed Keys (CMK) with Azure Key Vault and Single-Sign-On (SSO) integration using Microsoft Entra ID. Additionally, it introduces flexible read replicas for cost-effective, region-specific scaling and new Azure tutorials to aid developers in application building.

YugabyteDB 2.20 Unveiled: Elevating Change Data Capture for Cloud Native Applications

December 11, 2023

By Michael Haag

Release Announcements

YugabyteDB 2.20 Unveiled: Elevating Change Data Capture for Cloud Native Applications

YugabyteDB 2.20 revolutionizes cloud-native applications with its advanced change data capture, ensuring transactional consistency for a broader range of use cases. This latest release also introduces significant enhancements like OIDC-based authentication and online point-in-time recovery, reinforcing database resilience and performance.

The Perfect Balance: YugabyteDB Managed Boosts Security Without Compromising User Experience

October 31, 2023

By Rangasayee Lalgudi Chandrasekaran

YugabyteDB Aeon

The Perfect Balance: YugabyteDB Managed Boosts Security Without Compromising User Experience

YugabyteDB Managed now offers enhanced networking and security features, simplifying database operations for users while maintaining security.

July 19, 2023

By Srinivasa Vasu

Ecosystem Integrations How To

Secure Spring Boot Applications Using YugabyteDB and Secret Manager Services

Ensure robust security and secure access to sensitive data for Spring Boot applications using YugabyteDB’s advanced security features, including TLS encryption, and native cloud secret management services like AWS Secrets Manager, GCP Secret Manager, Azure Key Vault, or Hashicorp Vault.

Security

Explore Distributed SQL and YugabyteDB in Depth