
Stay Ahead With Linux Security Features

Explore Latest Linux Security features

RavenDB: Innovative NoSQL Database for Data Management and Security

When it comes to using a NoSQL document database to store, manage and retrieve documents, reliability, privacy, efficiency and ease-of-use are essential in optimizing productivity and ensuring data security. However, the unfortunate reality is that many NoSQL document databases fail to embody these important characteristics, leaving users frustrated - and often at risk.

Ranked among the top 10 Document Databases Worldwide by DB-Engines, RavenDB is an impressive NoSQL database that is pioneering document management with a unique, innovative open-source approach - providing users with an all-in-one platform that is fast, scalable, integrated, fully-automated and secure. To gain insight into how RavenDB has been able to surpass the majority of other NoSQL databases available in these regards, we spoke with RavenDB Founder, CEO and Lead Developer Oren Eini about the project’s history and evolution, the unique set of benefits that RavenDB offers users and how the use of open-source development has helped give RavenDB a winning edge over its competitors.

From Inspiration to Reality: The History and Evolution of RavenDB

After years of working as a database performance consultant, software developer, programmer and entrepreneur, Oren Eini recognized the same mistakes being made in many of the projects he analyzed - plaguing all applications using these relational databases and resulting in unstructured data. The issues he noticed were most often not with the way the database was set up, but instead could be attributed to the complexity of the model and the impedance mismatch between the way the data was stored in a relational database and the way the application modeled the data. Beyond the relational world, there existed a host of databases under the NoSQL umbrella that had varying data models and use cases. Within this realm, Eini recognized the value of document databases for business applications, but was appalled at the state of these databases at the time.
In particular, the lack of transactions and the kind of interface users were presented with were decidedly not user friendly - putting the burden of transactions on the user while providing minimal insight into the data in the database. Convinced that there had to be a better way to process the critical information powering modern applications, Eini began envisioning a solution to this problem. He recalls: “I started thinking about the kind of database that I wanted to create. Thinking about it wasn’t enough at some point. I remember being woken in the middle of the night and looking at the ceiling, seeing how the different components of the database would be put together.”

In 2009 Eini began his work designing a NoSQL document database ahead of its time. His goal was to create the first transactional document database, prioritizing seamless integration and ease-of-use for both developers and operating teams. The first version of RavenDB was built using C#, and focused on providing a user-friendly database for business applications - which RavenDB continues to excel at today. Once coding began, the project made quick progress, and secured its first client - a Norwegian institution for wildlife preservation - in 2010. By 2015, one million developers worldwide had downloaded RavenDB and by 2018, with the releases of RavenDB 4.0 and 4.1, the database had a remarkable three million downloads. The following year, RavenDB Cloud was launched, offering a Database as a Service to AWS, Azure and Google Cloud users.

The current release, RavenDB 5.0.2 (available for download), is the most comprehensive update to date, offering a robust set of features that make it easy for developers to integrate the document database into their applications. All of the components that comprise RavenDB 5.0.2 were built entirely from scratch to work harmoniously, resulting in a database that is simple to operate, fast, integrated and widely available.
The release of version 5.0.2 introduced two key features: time series support and document compression. Time series support enables users to track time series data such as stock price, heart rate or location, and document compression analyzes documents to identify commonalities between them, creating a dictionary that is used to compress data efficiently between documents. The new document compression feature has cut cloud storage costs in version 5.0.2 by an impressive 50%.

RavenDB looks forward to the release of version 5.1 in Q4 of 2020, which will introduce the filtered replication feature. RavenDB is a distributed database with support for multiple concurrent writers in the cluster. A common deployment pattern is to deploy RavenDB instances on the edge, as well as a RavenDB cluster in a central location. This pattern allows users to share data among many locations, providing the benefit of a local database with the ability to work in disconnected mode. At the same time, when there is connectivity between the edge and the central cluster, RavenDB will automatically sync the data between them. The filtered replication mode in version 5.1 extends this support even further, allowing users to define fine-grained security rules for data flows between the edge instances and the central cluster by controlling which edge machine will see what kind of data.

Achieving Excellence through the Use of Open-Source Development

RavenDB is an open-source database released under an OSI approved license (the AGPL for the server and MIT for the clients), a factor that Eini feels has both contributed to the adoption of the database and greatly enhanced its feature set. RavenDB’s automatic indexing support, for instance, was created by the open-source community and now stands out as one of the database’s central features. RavenDB is the epitome of an open-source success story - a testament to the power of community involvement and the benefits associated with source code transparency.
Eini explains how the project’s open-source approach has impacted RavenDB’s success: “Being open-source has allowed us to create a community around the project - one that has enriched the project significantly. Code contributions are only a part of this.” He elaborates: “Feedback provided by the community has been crucial in improving RavenDB. It really helps when you can have a proper discussion with a customer, and the fact that our entire codebase is open-source and available in our code repository has made it easy to get to the root cause of issues quickly.”

Enhanced Security through Usability

Along with the project’s unique and beneficial open-source philosophy, RavenDB’s impressive usability sets the database apart - especially when it comes to security. Unlike many vendors, the company considers support to be a cost center, not a revenue center. In other words, insight gained through support calls is used to modify the product to make such calls unnecessary in the future. Viewing support as a revenue center disincentivizes vendors from creating user-friendly products - in this sense, it literally doesn’t pay to make software easy to use. This philosophy has drastic negative implications for security - which is closely tied to usability. Database breaches continually demonstrate that having complex security is equivalent to having no security at all. Eini compares this to a lock: “The best lock in the world isn’t going to be used if it takes too long to open and close. History has a wealth of examples of security measures that were awkward to use, and thus, ignored.”

In contrast, RavenDB’s approach to security embodies simplicity and automation. The database has a binary security property - it is either running in a secured mode, or it is not. There aren’t a ton of configuration options or compatibility matrices to go through.
Eini explains: “We put a lot of emphasis on the usability of the secured setup and users can go through the entire process with no knowledge of security and still end up with a secured system. In addition, RavenDB will flat out resist if you try to put it in a potentially insecure position. We intentionally made it so it would be very easy to fall into the pit of success.”

Arguably the most important aspect of RavenDB’s security is the fact that it is largely automated. By selecting the defaults during the initial setup, the following will occur:

1. RavenDB will assign a subdomain under “*.ravendb.community” to the user’s instance.
2. RavenDB will use this to answer the Let’s Encrypt DNS challenge and generate an HTTPS certificate which will serve as the server certificate.
3. RavenDB will update the DNS to point to the IP provided.
4. RavenDB will generate a client certificate which can be used to authenticate to the server.

None of the above requires users to do anything more complex than select the name that they want their instance to have and the IP it should resolve to. The end result is that users can go to a URL such as a.my-db.ravendb.community and authenticate immediately. There is no complex security checklist to go through, and no multi-step commands that must be entered in order to achieve the right setup. RavenDB handles all of this to mitigate the risk of security issues and exploits due to users’ failure to ‘lock the barn doors’.

Key Takeaways

Transparency, usability and automation are essential to the security and success of a database. RavenDB excels in all of these areas. The NoSQL document database is pioneering data management through the use of open-source development and an intense focus on usability and automation. RavenDB is an excellent option for developers looking for a fast, secure and easy-to-use database for the development of business applications. Visit ravendb.net to learn more about the database.
RavenDB version 5.0.2 is available for download. Connect with RavenDB on social media: Twitter | Facebook | LinkedIn.

Oct 05, 2020 | Brittany Day

GDPR Compliance with SQL and NoSQL in Blockchain Solutions

Blockchain, being a decentralized & dis-intermediated data store, is being considered for rapid adoption in several industries like Supply Chain Management, P2P Global Transactions, Internet of Things, Electoral Voting, Stock Exchanges etc.

GDPR, the General Data Protection Regulation of the European Union (EU), enables EU Residents to exercise several rights like the Right to Access, the Right to be Forgotten and Data Portability Rights, with Businesses (European or otherwise) who act as Data Controllers and / or Data Processors. Also, GDPR mandates Data Controllers to ensure Data Processors hold and handle Sensitive Personal Data of EU Residents on a need to hold and need to access basis, overall moving forward with the goal of upkeeping the Security & Privacy of EU Residents in this data encroaching world.

This article is the gist of my attempts to practically understand the concept of immutability, and how it applies in the scope of Database (as in Datomic and even MySQL, with Restricted User privileges), Cloud Storage (as in Wasabi), Message Queue (as in Apache Kafka) and last but not least the Blockchain, in the scope of Public (as in Bitcoin, Ethereum) to Private & Federated options (as in BigchainDB, Multichain).

As a next step, the study continued to evaluate the above understanding of immutability w.r.t. Blockchain, in the scope of the "Encryption Key Life Cycle Management" mandate of both PCI-DSS & HIPAA Compliance. Then came the EU GDPR, and its "Right to be Forgotten" Clause helped me to perceive the underlying technical challenges and thereby come up with a thought process that can enable anyone to use Blockchain in a more logical approach, while still staying in compliance with all popular legal frameworks, including the recent EU GDPR and any similar Privacy Oriented Regulations of other countries in the near future.

I. Blockchain and Immutable Data Structures

The Data in the Blockchain is by default considered to be immutable, and while the level of immutability depends on the type of blockchain implementation and corresponding Data Validator choices, the purpose of the Blockchain can be realized to the maximum extent only after core issues like scalability, interoperability and usability are clearly addressed, while staying compliant with relevant industry specific mandates in the process.

Scope of prevailing Immutability

To understand better, the major types of blockchain classifications with corresponding levels of immutability are listed below:

1. Public Blockchain (Mutable, once a group of miners who collectively achieved 51% hashrate decides to recreate Blocks, from a chosen block and all subsequent ones).
2. Private Blockchain (Mutable, once a group of 51% Validators collectively decides to recreate Blocks, from a chosen block and all subsequent ones).
3. Federated / Consortium Blockchain (Mutable, once a group of 51% Validators collectively decides to recreate Blocks, from a chosen block and all subsequent ones).

II. Anonymity & KYC

While the Blockchain is considered to offer natural anonymity, irrespective of the context it is implemented in:

1. Be it as a Cryptocurrency system (example: Bitcoin), or
2. As a Decentralized Platform (example: Ethereum), or
3. When creating a Conglomerate that interconnects one or more Blockchain Platforms with / without existing Enterprise Database Systems,

there is a visible need for SQL / NoSQL Databases to complement Blockchain implementations, w.r.t. storage of User's Know Your Customer (KYC) info, for Banks / Fintech Companies / Government Organizations and other businesses to deeply adopt Blockchain, in their context, in the long run.

III. Confidentiality & Compliance

While Security First Design is always a suggested one for any industry, there exist a few compliance mandates, like PCI-DSS for Payments and HIPAA for Healthcare applications, that enforce requirements with a primary goal of protecting User's Sensitive Data with utmost priority. Some of the highlights include:

1. Secure Data at Rest, i.e., by using well recommended Encryption Algorithms when securing sensitive data in the data store.
2. Secure Data in Transit, i.e., by using Secure Protocols, recommended Encryption Algorithms, proper encryption strength and trusted keys / certificates when transmitting data over public networks.
3. Information to be made available to the service provider's personnel on a business need to know basis.
4. Periodic Vulnerability Scans of External facing Applications, Security Audits of all major Software Versions and usage of Certified Hardware Devices in the mix.
5. Encryption Key Life Cycle Management, which will have to be triggered either on a periodic basis (quarterly / semi-annually / annually) and / or whenever an existing employee who has access to Keys changes to a different team / leaves the service provider's company.

Important Observations

Considering the prevailing immutable nature of Blockchain, any User Sensitive Data stored on Blockchain creates a mandated situation of regenerating the chain, from its genesis block / specific block (from which data change is required), every time one of the following events happens:

1. The "Encryption Key Life Cycle Management" Procedures are executed.
2. A User exercises the "Right to be Forgotten" Clause of the GDPR Regulation, w.r.t. the way the User's Critical Personal Data is handled by the Data Controller / Data Processor, and when the User's Request has a clear legal standing.

This requirement to regenerate blocks in the chain can only be prevented when the Blockchain is complemented by SQL / NoSQL Databases in a sensible way, such that the Blockchain stays as an enabler of Trust (by storing the Digital Signature of corresponding data), while SQL / NoSQL Databases take the responsibility of storing the User's Sensitive Data and / or Critical Personal Data.

IV. Summary

It's the Scalability aspect in the database tier that made people innovate, and the result is Performance & Scalability centric NoSQL Databases (those that are flexible enough to handle semi-structured / unstructured data) when compared to Data Integrity & Consistency oriented SQL Databases (those that are primarily meant to handle structured data). On the other hand, the implementation of Bitcoin as a Cryptocurrency highlighted the potential of the underlying concept of a Decentralized & Dis-intermediated Blockchain solution, which later became the base for many other second generation blockchain solutions starting with Ethereum and third generation blockchain solutions like Eosio, Cardano and Quant's Overledger.

Summarizing the above, a lot of R&D activity is yet to happen to create innovative Blockchain Solutions that can scale better, all while being inter-operable and usable for addressing different business requirements, and when complemented with SQL and / or NoSQL Databases, the combination will become a Holy Grail to Businesses / Governments when launching Solutions that are Compliant in both Security & Privacy perspectives overall.

GDPR-like Privacy Enhancing Regulations are the need of the hour, which many other countries across the Globe, including India, are starting to realize, and this will soon lead to a new era of Privacy Oriented Legal Frameworks in force in different countries, all being implemented in the respective country's context.

Please share your thoughts and I welcome everyone's feedback and comments on this post...

About the Author

Raghuveer Dendukuri is an Application Architect, Product Manager & Tech Entrepreneur who is passionate about executing Fintech & Digital Transformation Projects in Enterprise & SAAS Deployment Models, and advocates Secure & Scalable Application Development Practices in PHP, while ensuring appropriate Cryptographic Algorithm Choices are in place for the application to stay in compliance with all industry specific mandates like PCI-DSS, HIPAA, GDPR etc. in the process. Raghuveer works as a Consultant and serves his clients in Application Architect & Product Management roles. This study is made out of his personal thirst to differentiate the hype vs. the pragmatic advantages of Blockchain, for him to thereby make educated technology choices among data stores like SQL / NoSQL / Blockchain Systems, either as a single option or as a combination, for the long term advantage of his client applications. Contact him for more info on his LinkedIn profile.
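
The arrangement described under "Important Observations" (personal data in a SQL / NoSQL store, only a signature-like tag on the chain) can be modelled in a few lines. The Python below is an added example, not code from the article or from any blockchain product: the Ledger class, the put and check helpers, the HMAC-SHA256 tag used in place of a digital signature, and the sample records are all assumptions constructed for illustration.

```python
import hashlib, hmac, json, os

GENESIS = "0" * 64  # "previous hash" of the first block

def digest(obj) -> str:
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def commitment(key: bytes, record: dict) -> str:
    # Assumption: HMAC-SHA256 under a per-record key stands in for the "Digital Signature".
    return hmac.new(key, json.dumps(record, sort_keys=True).encode(), hashlib.sha256).hexdigest()

class Ledger:
    """Constructed toy hash chain: each block commits to its payload and its predecessor."""
    def __init__(self):
        self.blocks = []

    def append(self, payload: dict) -> int:
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        body = {"index": len(self.blocks), "payload": payload, "prev": prev}
        self.blocks.append({**body, "hash": digest(body)})
        return body["index"]

    def first_broken_block(self):
        """Index of the first block that no longer verifies, or None if the chain is intact."""
        prev = GENESIS
        for b in self.blocks:
            body = {k: b[k] for k in ("index", "payload", "prev")}
            if b["prev"] != prev or b["hash"] != digest(body):
                return b["index"]
            prev = b["hash"]
        return None

def put(store: dict, user_id: str, record: dict) -> str:
    """Keep record and a fresh key off-chain (the dict stands in for SQL / NoSQL); return the tag."""
    key = os.urandom(32)
    store[user_id] = {"record": dict(record), "key": key}
    return commitment(key, record)

def check(ledger: Ledger, store: dict, index: int, user_id: str) -> str:
    row = store.get(user_id)
    if row is None:
        return "erased"
    tag = ledger.blocks[index]["payload"]["commitment"]
    ok = hmac.compare_digest(tag, commitment(row["key"], row["record"]))
    return "valid" if ok else "tampered"

def demo() -> dict:
    people = {n: {"name": n, "email": f"{n}@example.test"} for n in ("alice", "bob", "carol")}
    # Design A: personal data written into the blocks; erasing bob means editing block 1.
    a = Ledger()
    for rec in people.values():
        a.append(dict(rec))
    a.blocks[1]["payload"] = {"redacted": True}
    # Design B: only the tag goes on-chain; erasure deletes the off-chain row and its key.
    b, store = Ledger(), {}
    idx = {n: b.append({"commitment": put(store, n, rec)}) for n, rec in people.items()}
    store.pop("bob")
    store["carol"]["record"]["email"] = "changed@example.test"  # silent off-chain edit
    return {"a_broken_at": a.first_broken_block(), "b_broken_at": b.first_broken_block(),
            **{n: check(b, store, idx[n], n) for n in people}}

if __name__ == "__main__":
    print(demo())
```

Design A stops verifying at block 1, which is the regeneration problem the article describes, while Design B's chain stays intact after bob's row is deleted and still exposes the off-chain change to carol's record.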

Oct 29, 2018 | Brittany Day