Author

Security vulnerability CVE-2022-42889, Text4Shell
What is Text4Shell vulnerability? A critical severity security vulnerability affecting the Apache Commons Text library (CVE-2022-42889) Text4Shell that can be exploited and was made public on October 13, 2022. As soon as Couchbase became aware of this issue, we investigated...

Encrypted Private Keys & Multi-CA, Enterprise Security Enhancements In Couchbase Server 7.1
Couchbase Server 7.1 introduces a range of security enhancements for TLS certificates. These are used to encrypt and decrypt data transmitted over the network and can also authenticate users. We’re excited to introduce four enhancements: Multiple Certificate Authorities Encrypted TLS...

New RBAC Roles in Couchbase 7.0
Couchbase Server version 7.0 introduces some important changes as part of the role-based access control (RBAC) authorization system. Couchbase Server has allowed fine-grained access controls to the platform with RBAC for administrators since version 4.5 and all users since version...

Couchbase Server 7.0.2 Enforce TLS, HSTS & Enforce IP Address Family
In this blog post, I will introduce three new features in Couchbase Server 7.0.2 (“Server”) to help administrators deploy Couchbase Server in a secure manner: Enforce TLS, HSTS, and Enforce IP Address Family. When deploying a Couchbase Server cluster, a...

What to Know About the Log4j Vulnerability CVE-2021-44228
A critical zero-day exploit, known as Log4Shell, affecting the Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021. As soon as Couchbase became aware of this issue, we investigated it immediately within our product and security teams, and...

Secure Your Data at Rest with LUKS Disk Encryption in Couchbase
Couchbase now supports LUKS disk encryption to secure your data at rest. How secure is LUKS? Couchbase 7.0 puts a big focus on security, debuting support for both role-based access control (RBAC) for Scopes and Collections, and encryption of at-rest...

Introducing Role-Based Access Control (RBAC) Security for Collections in Couchbase 7.0
Your data in Couchbase just got more secure. Couchbase Server 7.0 introduced Scopes and Collections to better map between relational and NoSQL data models. But the 7.0 release also includes some additional enhancements to strengthen the security of the data...

Deep Dive on Multi-Factor Authentication
In this article I will explain what multi-factor authentication is, why you should be using it and how to easily implement it with Couchbase Server. We’ll look at using both software and hardware implementations, which offer a tradeoff between cost,...

TLS 1.3 encryption arrives to Couchbase Server 7.0
The Couchbase Server 7.0 Beta is now available with some additional enhancements to strengthen the security of the platform. Couchbase uses TLS encryption across our portfolio to ensure communication across the network is secure, meaning that outside parties cannot eavesdrop...