From the first step of social life to the present... the endless field of 'security' in learning

‍Hello, this is Bruce, Backend & Frontend Team Lead at CHEQUER Inc. I took my first step in my career as a developer, and luckily I am still working as a developer to this day.

From my early days as a novice developer to the present, working in a security-focused company, 'security' has always felt heavy and complex to me. I still feel that I lack technical knowledge in the security domain and understanding of the business environment, so when I was asked to contribute to Tech Talk, I was worried if I would be able to write a 'good' article, as they say. However, putting aside my worries for a moment, I would like to discuss the direction in which security products should move based on the concerns of my fellow crew members that I have been observing.

My story touches on security in the cloud-native environment and also includes expectations for the evolution of Querypie and the potential for growth in the business domain.

‍

‍Security in the Cloud Native Environment experiencing a period of upheaval‍

'Security' in the Cloud Native Environment is an important consideration in modern business. Since joining CHEQUER Inc., I have personally experienced the development of the security environment in a completely different dimension from what I used to think. However, many developers still tend to avoid or find security issues cumbersome. (I also think that I was not much different in the past before joining CHEQUER Inc.)

In recent years, the 'Cloud Native Environment' in the area of application construction and operation has been undergoing rapid changes. Unlike the past, where it was simple, we are now in an era where complex and distributed environment construction systems are required. Accordingly, each company's security team is exploring completely new forms of security approaches, moving away from the traditional methods.

The biggest reason why past security strategies are not effective in responding to the modern Cloud Native Environment. CNSP (Cloud Native Security Platform) should include security itself in the development pipeline, encompassing the CI/CD lifecycle and integrating with DevOps workflows. When the security environment is developed and operated in this way, companies can finally share context about infrastructure, users, development platforms, and cloud workloads, and provide integrated visibility among platform components.

QueryPie has been contemplating security in the Cloud Native Environment for several years and is currently providing stable security solutions to major domestic companies. Furthermore, all members of QueryPie are making efforts to build a comprehensive security platform centered around 'data' beyond CNSP.

‍

‍CDPP performs a critical role in securely protecting data stored in the cloud

‍In a cloud environment, there is a need for a platform that can efficiently manage and protect data. In this regard, CDPP (Cloud Data Protection Platform) plays a crucial role in protecting data within the cloud environment through various functionalities. By utilizing CDPP, businesses can securely maintain data stored in the cloud and enhance their business performance by preparing for unforeseen incidents.

The essential requirements for CDPP, as defined by the CHEQUER, are as follows. 

1. Multi-cloud support and synchronization: You can effectively manage and synchronize data from various cloud providers. This helps organizations protect data and maintain consistency across multiple cloud environments.
2. Role and attribute-based access control: It helps finely control access to data and enhance security.
3. Sensitive data blocking and masking: It detects sensitive data and provides measures to protect it. It utilizes technologies such as data masking and encryption to prevent sensitive information from being exposed.
4. Data audit logging and alerts: It generates audit logs for data activities and supports compliance with laws and security incident investigations. It also provides real-time alerts for abnormal data access and activities to support quick responses to security threats.
5. Access authorization and approval requests: It supports the approval process before users can access or modify data. This strengthens data protection and prevents unauthorized access.
   ‍

‍

Lead innovation and success of enterprises with QueryPie's powerful security features

‍QueryPie's powerful security features and seamless usability help users establish a stable security environment while allowing them to focus on the essence of the services or product development they pursue.

QueryPie provides basic security features of data security such as access control, audit logging, and data masking. In addition, it strengthens user authentication through integration with Identity Providers like Okta and OneLogin, and builds powerful workflows with 3rd party applications using APIs, pursuing practicality and innovation simultaneously.

Furthermore, QueryPie will continue to advance through Data Discovery and AI technologies. With the Data Discovery feature, it creates and integrates tags for all cloud data resource elements, enabling the identification and control of sensitive information. AI technologies such as automatic classification, anomaly detection, and Text-to-SQL are applied in this process. These technologies enable quick detection and protection of sensitive information.

Moreover, through the utilization of AI, it enhances the performance of enterprise security solutions and provides more effective security services.

QueryPie is continuously growing and helping customers and organizations achieve success in enhancing data protection and cloud security through constant innovation and excellent performance.

‍“We expect QueryPie to become a leading solution as CHEQUER grows as a CDPP-leading company."

‍