Abstract: Embodiments of the present disclosure relate to generating a high level security policy for a data repository without knowledge of the access control, entitlement, and other models of the data repository. A set of abstractions that define a security policy language may be generated based on data in a data repository collection. The set of abstractions may define a security policy language, which may be provided to a security administrator who can define a security policy with the security policy language. The security policy may be translated into a common physical language to generate a common physical policy. The processing device may then translate the common physical policy into a set of commands for each of one or more data repositories that the data repository collection is comprised of.

Abstract: A method by a network device to enrich database logs. The method includes detecting that a process executing on the network device has created a database connection to a database server, determining contextual information of the process in response to detecting that the process has created the database connection, generating a key associated with the database connection based on information that is known to be included in a database log of the database, and providing the key and the contextual information to a correlator component.

Abstract: A method performed by a cloud computing platform of a cloud service is disclosed to assess a data security of a database deployed in a cloud environment associated with a user of the cloud service. The method includes creating a sandbox environment in the cloud environment associated with the user, loading scanner code in the sandbox environment, wherein the scanner code includes code for performing a data security assessment, loading and restoring a snapshot of the database in the sandbox environment, setting a unique password for admin access to the restored snapshot of the database, executing the scanner code in the sandbox environment to perform the data security assessment on the restored snapshot of the database, and tearing down the sandbox environment in response to a determination that the scanner code has finished execution.

Abstract: Embodiments of the present disclosure relate to generating a high level security policy for a data repository without knowledge of the access control, entitlement, and other models of the data repository. A set of abstractions that define a security policy language may be generated based on data in a data repository collection. The set of abstractions may define a security policy language, which may be provided to a security administrator who can define a security policy with the security policy language. The security policy may be translated into a common physical language to generate a common physical policy. The processing device may then translate the common physical policy into a set of commands for each of one or more data repositories that the data repository collection is comprised of.

Abstract: Embodiments of the present disclosure relate to utilizing an existing login process of a data repository to enable the data repository to delegate MFA functionality to an external MFA system. When a purported user attempts to log in to the data repository, a delegation module within the login process may insert a record into a table associated with the login process. A program executing on a security device external to the data repository may periodically poll the table for new records and upon detecting the new record, may call the external MFA system to verify the login attempt. The external MFA system may indicate to the program whether the login attempt was verified and the program may update the table with the indication. Upon detecting the indication, the delegation module may complete or terminate the login attempt based on the indication.

Abstract: A method by a network device to enrich database logs. The method includes detecting that a process executing on the network device has created a database connection to a database server, determining contextual information of the process in response to detecting that the process has created the database connection, generating a key associated with the database connection based on information that is known to be included in a database log of the database, and providing the key and the contextual information to a correlator component.

Abstract: A method by a network device for providing contextual information for database logs. The method includes detecting that a process executing on the network device has created a database connection to a database server, determining a process ID of the process that created the database connection to the database server, determining contextual information using the process ID of the process, generating a key associated with the database connection based on information that is known to be included in a database log of the database, and providing the key and the contextual information to a correlator component, which is to correlate information included in the database log of the database with the contextual information based on the key to generate an enriched database log that correlates the information included in the database log with the contextual information.