Data Breaches Due to Exposed Databases

Edward Chopskie

As we wrap up our posts for 2019, we thought we would recap the “joy” of some significant breaches that happened over the past years. May 2020 see us all secure and have no vulnerabilities exposed.

A massive breach of sensitive personal information in Ecuador is a recent case where there was no hacking involved at all. The owner of the data, an Ecuadorian company named Novaestrat, left an unsecured Elasticsearch database exposed on a publicly accessible server in Miami. The leaked database contained data about 20 million individuals (Ecuador has a population of 16 million, but some records were attributed to deceased individuals).

This is not the first time a breach has happened due to an exposed database, and while Elasticsearch appears to be the most popular platform, there are others.

Here are a few similar breaches from 2019:

1. Honda Motor Company
Elasticsearch, 134 million rows of data about their employees

2. BioStar 2
Elasticsearch, over 1 million records including face recognition and fingerprint data

3. Orvibo
Elasticsearch, 2 billion device user records

4. Thedatarepo
MongoDB, 188 million personal records

5. Pyramid Hotel Group
Wazuh (open source intrusion detection system), 85 GB of security logs including personal data

6. Beijing Jidao Network Technology
Elasticsearch, 33 million job profiles

7. Dow Jones
Elasticsearch, 2.4 million client records

8. Verifications.io
MongoDB, over 800 million email records

9. Rubrik
Elasticsearch, tens of gigabytes of customer data

10. CitiFinancial
Elasticsearch, 24 million mortgage records

What’s the cause of these data breaches?

By default, Elasticsearch binds to a local address, and therefore it doesn’t publicly expose the database. Binding it to a public address requires a manual configuration change.

Until May this year, advanced security features were available only in the paid version of Elasticsearch. Unfortunately, companies that decided to use the free version and save some money had to secure their databases on their own, and they failed to do so. In addition, it is important to mention that exposures can still happen at any time if software updates are not applied correctly. As such, the main cause of these data breaches is not technology but a lack of proper security policies in the business.

Sadly, many believe that if the database is not exposed to the internet, nobody can find it. Others are unable to implement proper security configuration in databases, software, and firewalls. Without a doubt, data breaches are happening and will keep occurring without adequate application security testing performed with correct security testing tools.
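
The misconfiguration described above can be checked for in your own `elasticsearch.yml` before deployment. The following is an added example, not code from Bright or Elastic: it flags a config that binds the REST API beyond loopback without `xpack.security.enabled: true`. The sample configs are constructed, the parser handles only flat `key: value` lines, and treating a missing security setting as "off" is a conservative assumption.

```python
import ipaddress

# Constructed sample configs (not from any real deployment).
WEAK = "cluster.name: demo  # sample\nnetwork.host: 0.0.0.0\nhttp.port: 9200\n"
HARDENED = "cluster.name: demo\nnetwork.host: _local_\nxpack.security.enabled: true\n"

def parse_flat_yaml(text):
    """Parse the flat 'key: value' lines commonly used in elasticsearch.yml."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" in line:
            key, value = line.split(":", 1)
            settings[key.strip()] = value.strip()
    return settings

def is_loopback(host):
    """True for localhost, _local_ and loopback IPs; anything else may be reachable."""
    if host.lower() in ("localhost", "_local_"):
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # hostname, interface alias, _site_, _global_, ...

def bind_hosts(settings):
    """Addresses the REST API binds to; http.host takes precedence over network.host."""
    raw = settings.get("http.host", settings.get("network.host", "_local_"))
    return [h.strip().strip("\"'") for h in raw.strip("[]").split(",") if h.strip()]

def audit(text):
    """Return findings for a config that binds beyond loopback."""
    settings = parse_flat_yaml(text)
    exposed = [h for h in bind_hosts(settings) if not is_loopback(h)]
    # Assumption: security counts as on only when explicitly set to true.
    security_on = settings.get("xpack.security.enabled", "").lower() == "true"
    if not exposed:
        return []
    if not security_on:
        return [f"bound to {exposed} without xpack.security.enabled: true"]
    return [f"bound to {exposed}; confirm firewall rules and TLS"]

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg) or "no exposure found")
```

A check like this fits in a CI step that fails the build on any finding; it inspects configuration only and does not replace testing the deployed host from outside the network.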

How can Bright help?

When it comes to data breaches due to exposed DBs and firewalls, the only way to protect the system, data, and yourself is via regular application security testing implemented into the software development lifecycle. This enables the entire infrastructure to be automatically scanned for vulnerabilities. Manual scans can be performed, but this is not a reliable practice because it doesn’t guarantee complete protection and it consumes a lot of resources. Instead, you can use Bright for web application security testing. With no false positives, Bright is a scalable enterprise solution that is integrated into your CI/CD pipeline and into your unit testing and QA practices. It provides full automation of your web application scanning, and helps detect unauthenticated and exposed DBs as well as weak administration panels. The integration into the SDLC enhances DevSecOps and delivers an immediate return on investment to organizations that decide to use it.
