Author
Securing Communication with TLS Certificates: A Definitive Guide for Couchbase Server (Part 3 of 3)
Understanding TLS within Couchbase Server In Part 1 and Part 2 of this guide, we explained the history of TLS, the components involved and how it works. In this final 3rd part of the guide we combine this all together...
Securing Communication with TLS Certificates: A Definitive Guide for Couchbase Server (Part 2 of 3)
In part 1 of this 3 part series we learned about the components of TLS, in part 2 we will see how the TLS components interact with each other. In Part 3 of this guide, we’ll see how the components...
Couchbase Capella Achieves PCI DSS 4.0 Compliance and CSA STAR Level Certifications
We’re thrilled to announce two major milestones for Couchbase Capella™, our cutting-edge managed Database-as-a-Service (DBaaS) platform. We have officially achieved the Payment Card Industry Data Security Standard (PCI DSS) version 4.0 attestation of compliance (AoC) as well as a CSA...
Securing Communication with TLS Certificates: A Definitive Guide for Couchbase Server (Part 1 of 3)
Transport Layer Security (TLS) certificates are vital components in securing network communications with a Couchbase Server deployment. TLS ensures the confidentiality, integrity, and authenticity of data transmitted between clients and servers. This comprehensive guide aims to demystify the configuration and...
Unlocking Next-Level Search: The Power of Vector Databases
These days, you can’t go anywhere without hearing about the latest breakthroughs in artificial intelligence (AI). The concept may feel overwhelming if you haven’t incorporated AI into your platform, but it’s much easier to understand than it seems. One of...
Security vulnerability CVE-2022-42889, Text4Shell
What is Text4Shell vulnerability? A critical severity security vulnerability affecting the Apache Commons Text library (CVE-2022-42889) Text4Shell that can be exploited and was made public on October 13, 2022. As soon as Couchbase became aware of this issue, we investigated...
Encrypted Private Keys & Multi-CA, Enterprise Security Enhancements In Couchbase Server 7.1
Couchbase Server 7.1 introduces a range of security enhancements for TLS certificates. These are used to encrypt and decrypt data transmitted over the network and can also authenticate users. We’re excited to introduce four enhancements: Multiple Certificate Authorities Encrypted TLS...
New RBAC Roles in Couchbase 7.0
Couchbase Server version 7.0 introduces some important changes as part of the role-based access control (RBAC) authorization system. Couchbase Server has allowed fine-grained access controls to the platform with RBAC for administrators since version 4.5 and all users since version...
Couchbase Server 7.0.2 Enforce TLS, HSTS & Enforce IP Address Family
In this blog post, I will introduce three new features in Couchbase Server 7.0.2 (“Server”) to help administrators deploy Couchbase Server in a secure manner: Enforce TLS, HSTS, and Enforce IP Address Family. When deploying a Couchbase Server cluster, a...
What to Know About the Log4j Vulnerability CVE-2021-44228
A critical zero-day exploit, known as Log4Shell, affecting the Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021. As soon as Couchbase became aware of this issue, we investigated it immediately within our product and security teams, and...
Secure Your Data at Rest with LUKS Disk Encryption in Couchbase
Couchbase now supports LUKS disk encryption to secure your data at rest. How secure is LUKS? Couchbase 7.0 puts a big focus on security, debuting support for both role-based access control (RBAC) for Scopes and Collections, and encryption of at-rest...