Queryable Data Encryption

Kenneth White (@kennwhite, Security Principal @MongoDB) talks about the causes of internal breaches, querying encrypted data vs encryption-at-rest, and database evolutions.

SHOW: 644

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

CHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:

• Streamline on-call, collaboration, incident management, and automation with a free 30-day trial of Lightstep Incident Response, built on ServiceNow. Listeners of The Cloudcast will also receive a free Lightstep Incident Response T-shirt after firing an alert or incident.
• Pay for the services you use, not the number of people on your team with Lightstep Incident Response. Try free for 30 days. Fire an alert or incident today and receive a free Lightstep Incident Response t-shirt.
• Granulate, an Intel company - Autonomous, continuous, workload optimization
• gMaestro from Granulate - Kubernetes cost optimization, made easy
• Datadog Security Solution: Modern Monitoring and Security
• Start investigating security threats before it affects your customers with a free 14 day Datadog trial. Listeners of The Cloudcast will also receive a free Datadog T-shirt.

SHOW NOTES:

• MongoDB Queryable Encryption
• Wired article with more background
• MongoDB World presentation from June 2022
• Product page with FAQ & Documentation
• Podcast interview with The New Stack from MDBW in June

Topic 1 - Welcome to the show. You have quite a distinguished career in security and cryptography-adjacent. Tell us a little bit about your background, and what you focus on at MongoDB?

Topic 2 - Unfortunately, we’re hearing about more and more attacks that have an internal origination. From a security and cryptography perspective, what typically breaks down to allow this to happen? 

Topic 3 - MongoDB has recently launched a database that enables querying encrypted data. Give us some background on how this new concept came into being. 

Topic 4 - What are the technology components involved in making this happen - on the database side, on the application side, on the key management side? 

Topic 5 - What are some of the application use-cases where this new database technology makes sense?

Topic 6 - How can people start exploring this technology? Is it available in both the software and SaaS offerings?

FEEDBACK?

• Email: show at the cloudcast dot net
• Twitter: @thecloudcastnet