All software is inherently susceptible to security vulnerabilities. However, by leveraging open-source solutions, organizations can significantly bolster their defenses against malicious cyber threats. This perspective was shared by Jeremy Wilson, the Chief Technology Officer for the North America public sector at EDB, during a recent discussion at Federal News Network’s Industry Exchange Data 2025.
Wilson emphasized the advantages of open-source software, noting that a global community continuously scrutinizes the source code. “This inspection and improvement cycle is relentless,” he explained. “Typically, there are fewer issues and bugs, and those that are discovered can be addressed swiftly due to the collaborative nature of the community.”
Why a PostgreSQL Approach Adds Value
EDB has made its mark in the open-source landscape with its PostgreSQL database product, which is designed to optimize online transaction systems, data warehousing, and analytics. “We’ve taken the core open-source database from the community and built an enterprise model around it, incorporating security enhancements, performance improvements, and scalability,” Wilson stated. This offering is versatile, functioning seamlessly in both commercial cloud environments and agency data centers, with a strong emphasis on security.
“At EDB, we prioritize embedding security into our DevSecOps process,” Wilson noted. The company synchronizes its release cycles with those of the open-source community to ensure timely updates. “We are committed to meeting the regulatory requirements of the public sector and federal government,” he added, highlighting the importance of keeping Federal Information Processing Standard (FIPS) and Defense Information Systems Agency Security Technical Implementation Guides (STIG) libraries current. EDB is also in the process of obtaining FedRAMP High certification.
Added Security in EDB Postgres
Modern cybersecurity strategies emphasize the necessity of data protection for agencies. Wilson pointed out that EDB collaborates closely with Red Hat to implement security controls, such as encryption in Enterprise Linux, enhancing security at the operating system level. EDB goes beyond this foundational layer.
“We have integrated features like transparent data encryption, column-level encryption, and data redaction into our Postgres offering,” Wilson explained. “Our approach surpasses the basic operating system protections.” With the inclusion of application programming interfaces (APIs), EDB’s Postgres solution supports agencies’ zero trust cybersecurity initiatives.
“You could describe it as a foundational model—secure and auditable,” Wilson remarked, adding that the APIs can integrate with various zero trust components, including identity and access management, data management, and application and network security tools. This integration aims to provide users with comprehensive visibility into their data, whether it resides in a warehouse or an operational database.
Wilson acknowledged that agencies, often accustomed to proprietary solutions, may face challenges when transitioning to secure open-source alternatives. “Legacy processes and systems often lack the necessary expertise, and there are regulatory compliance hurdles and resource limitations. Historically, these have been the primary obstacles I’ve observed,” he explained.
Goal? Make Postgres Implementation Turnkey
As the largest supplier of Postgres, EDB aspires to deliver a turnkey enterprise database that facilitates the migration of both current and new applications, whether hosted on-premises or in the cloud. “We’ve developed an enterprise model—a wrapper, if you will—that encompasses improved scalability, security, and performance,” Wilson stated. “Specifically regarding security, we’ve implemented role-based access control and transparent data encryption.”
He further emphasized, “We comply with FIPS 140-3 and DISA STIGs, having fortified the environment to ensure a functional STIG for our database.”
Discover more articles and videos now on our Federal News Network’s Industry Exchange Data 2025.
Copyright © 2025 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
