Multiple side channel attacks expose sensitive data
CPU Vulnerabilities Allow Programs To Access Data Unfettered
Based on latest reports, there have been four waves of Spectre-class vulnerabilities discovered that allow malicious programs to read sensitive data via side channel attacks. This brings the total count to over 30 vulnerabilities discovered this year alone, and raises questions about new threat models that need to be considered in the security architecture.
These new hardware-based vulnerabilities will create multiple challenges in that they take longer to fix and patch, and as companies move to cloud providers, there are no guarantees for what hardware the applications are running on. Put another way, the computing ground people thought they were all standing on to process data, doesn’t seem as stable given these new security gaps.
Baffle delivers application level encryption on a per field basis via a “no code” model. The technology supports “homomorphic-like” capabilities — the ability to perform mathematical operations on AES encrypted data without ever decrypting the underlying values. Data stays protected in memory, in use and at-rest.
No application code modification
Virtually no performance
Integrates easily into your
AES encryption in memory, in use,
See How Baffle Can Protect Your Data
Schedule a live demo with one of our solutions experts to get answers to your questions