I love hiking as well as outdoor navigation. What I find especially useful for these types of trips is not only planning my waypoints but also searching in advance for points-of-confusion — points which will inform me if I went off route. …


And why it’s the enabler of Data Democratization.

Photo by Mika Baumeister on Unsplash

In this article, I will walk through the definition of DataSecOps, as well as its main principles today. As DataSecOps is a very exciting and new mindset, these principles will inevitably transform as DataSecOps gains more experience and information.

Definition of DataSecOps

Let’s begin with a suggested definition of DataSecOps: DataSecOps is an…


DataSecOps: Embedding Security Into DataOp

History repeats itself. The transition of applications to the cloud and the development of software in a more agile way brought DevOps, which — a few years and several data breaches later — sparked the realization that security needs to be embedded in the DevOps process, not an add-on to…


I need to get something off my chest. It’s time for our beloved cybersecurity community to retire the cliches permeating every slide deck about sensitive data — especially the notion that “sensitive data is the crown jewels of a company.” Please understand me; I can appreciate how this type of…


Amazon Redshift allows companies to analyze large amounts of data, whether the data is stored in a data warehouse or in a data lake (by using Amazon Redshift Spectrum). …


Snowflake’s data access modeling is different from many other databases and data warehouses. So it’s funny when I hear the question, “does Snowflake offer RBAC?” Snowflake works purely in a role-based access control (RBAC) model, where you can only assign privileges on actions and objects to roles, never to users…


In a healthy DataSecOps operation, an important part of planning a secure Snowflake deployment is planning for the separation of environments. This is true for an organization with a new Snowflake. …


Large enterprises often have separate data warehouses for different accounts of the same business entity. There may be many different reasons, including:

  • Having several autonomous business units within the organization
  • Compliance requirements to separate some of the data from the rest (for example: having a dedicated data warehouse for EU…

So you’re using BigQuery as your Cloud Data Warehouse. However, in order to reduce risks, you want to limit access to BigQuery, and allow access only to specific IP addresses or ranges.

Why apply network access controls on top of BigQuery?

Some examples for situations when you want to apply…


AWS Redshift is the biggest cloud data warehouse in the world, with 10,000’s of clusters, and revolutionized data warehousing. …

Ben Herzberg

Love CyberSec & Data. Chief Scientist @ Satori

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store