Security information

Security information

Information security and all aspects around data protection and governance are at the core of many of our activities. We are committed to providing you with secure products and services, and to continual improvement of our information security controls and practices.

Security awareness is baked into our products and processes:

Contact us for any further information.

Ensuring the utmost security of your data is our top priority at Starburst. Our approach to protecting your data during in-memory processing within the Starburst engine incorporates multiple layers of robust security measures:

  • Industry Best Practices: We adhere to the highest industry standards for code security, encryption, and data protection. Our team continuously monitors and updates our security practices to stay ahead of emerging threats.

  • Java Memory-Safe Language: Starburst leverages Java, a memory-safe language, which significantly reduces the risk of memory-related vulnerabilities and potential exploits.

  • Data Lifecycle Management: We strictly follow the principle of data minimization, meaning data is only retained in memory for as long as it’s required during query processing. Once the processing is complete, the data is promptly discarded from memory to minimize exposure.

  • Encrypted Communication: All data transmissions between your data sources the Starburst engine are encrypted using industry-standard encryption protocols, ensuring data confidentiality and integrity throughout the communication process.

  • Access Controls: We implement rigorous access controls to limit and monitor the permissions of users interacting with the data in-memory. Role-based access ensures that only authorized personnel can query and access specific datasets.

  • Continuous Monitoring and Auditing: Our systems are equipped with advanced monitoring and auditing capabilities, enabling real-time tracking of activities and immediate detection of any suspicious behavior or potential security breaches.

  • Regular Security Assessments: We conduct regular security assessments, including vulnerability scanning and penetration testing, to identify and address any potential weaknesses proactively.

  • Security Updates and Patches: As part of our commitment to providing a secure environment, we promptly apply security updates and patches to address known vulnerabilities and ensure our system’s resilience against emerging threats.

  • Dedicated Security Team: We have a dedicated team of security experts who are committed to safeguarding your data and continuously improving our security posture.

By combining these measures, Starburst offers a robust and comprehensive security framework that minimizes the risk of data compromise during in-memory processing, providing you with the confidence you need to trust the security of our product. Should you have any specific security requirements or concerns, our team is always available to address them and work collaboratively to meet your needs effectively.

Starburst is uniquely qualified to uphold these principles, because our founders are the people who designed and built Trino, formerly PrestoSQL. For Starburst Enterprise and Starburst Galaxy, we have the expertise to make sure they are as secure as possible.

By integrating security into the development process, we establish a single point of secure access to enterprise data.

For more information on how Starburst implements a defense-oriented, in-depth security philosophy, visit the sections linked above.

Colton Ericksen
Director of Security: Governance, Risk, and Compliance