Posts tagged “Security Breach”

 

As part of the countdown to PostgresConf US 2018, learn more about the engaging content and our speakers for this year in our Speaker Spotlight Series.

Elizabeth Zalman is the Co-founder & CEO of strongDM, the definitive data security product. Previously she was Co-Founder and CEO of the cross-device profile company Media Armor.

Liz will be presenting a breakout session "Do You Know Your Vendor Dependencies" on Wednesday, April 18, at 4 pm. Read what she has to say about Postgres and why to attend her session: 

Why PostgreSQL? What got you into it, and made you stick with it?

Featureful performance & proven reliability. Over the years I've found fewer and fewer reasons to consider alternatives beyond Postgres (two notable exceptions being redis-style KV and queues).

Tell us about your involvement with the greater Postgres community.

strongDM hears a lot about how its customers use PG and its derivatives (Greenplum, the latest on Aurora, etc.) and we love sharing tips when appropriate.

What new features of PostgreSQL 10 are you most excited about?

As a security product, we're always happy to see security-related upgrades: SASL/SCRAM authentication is a popular option in several of database systems, and is a significant upgrade over the previous salted hashes. We also rely heavily on partitioning, so all related enhancements are welcome.Finally: although we generally wouldn't choose to run parallel queries in a primarily OLTP system, the promise of running analytic queries on a replica (rather than ETL'ing into an analytic database) is very appealing.

What features should be developed/improved and released in the next major upgrade?

Dynamic optimization for queries on partitioned tables. Right now if you run select * from date_partitioned_table where event_timestamp between NOW() and NOW() - interval '7 days'; It scans every partition because the result of NOW() is not knowable ahead of time. But it could optimize that query when it was asked to execute it. Instead of creating a static query plan it could say, I know I'm going to have to compute a list of partitions. So, let's just remember that. Then right before the query runs, it could calculate the list and run the query as though it had been planned with a static date range, and thus only query the affected tables. 

 Why should attendees come to your talk at PostgresConf US 2018?

In this talk, I'll share practical examples of breaches I've personally experienced along with advice on how to hold your vendors accountable, and hopefully make the topic of security a little less intimidating in the process.

What sessions are you most excited about attending at PostgresConf US 2018?

I am looking forward to attending “Reducing the Surface Area of Risk in Data Security” by Tim Gorman and “General Data Protection Regulation (GDPR) with Azure Database for PostgreSQL” by Mark Bolz.

What is your favorite aspect of PostgresConf US?

Being able to network with and learn from a unique community! I’ve found practice to really be one of the best ways to learn about databases.

 What advice would you have for a Computer Science graduate or entry level developer who are interested in learning and engaging with Postgres? 

 I’ve found practice to really be one of the best ways to learn about databases. Get your hands dirty: try breaking things and then fixing them! 

Check out the full schedule for PostgresConf US 2018, and buy your tickets soon!