If database security is a top concern and you are looking for ways to quickly find and remediate common data security risks, you should try the newly announced Percona Monitoring and Management 2.6. This includes a new Security Threat Tool which allows you to run regular database security checks across all of your database servers, helping you quickly identify and mitigate common security risks. Covering the most popular open source databases – MySQL, MariaDB, MongoDB, and PostgreSQL, this tool currently provides checks for:
- Database versions – to ensure the latest version of the database is being used
- Empty passwords – to mitigate the most common attack surface of databases
The Security Threat Tool can help you to ensure compliance as you have the ability to run checks daily, get alerts when non-compliance is found, and audit your security check history. Check out Roma Novikov’s blog for more information on setting up and using the new Security Threat Tool.
Although only a few basic checks are included initially, additional checks will be added over the next few months. We would love your feedback on the checks that you would like to see included in the future (please comment below).
In addition to the new Security Threat Tool, Percona Monitoring and Management 2.6 also includes:
- Enhanced annotations which allow you to set up annotations in Grafana and have them visible on all of your Percona Monitoring and Management dashboards
- The ability to prevent errors with Docker deployments by advising users when the wrong environment variables are used while starting Percona Monitoring and Management docker container
- A new panel that can visualize your deployments by country on a world map based on the region label
- Additional graphs for PostgreSQL providing improved insights of Temp files utilization
- Improved stability of MongoDB Exporter with updates to included the MongoDB driver and Prometheus exporters
- An upgrade to use Grafana 6.7 with many new enhancements
- Added Ubuntu 20.04 support
- A technical preview of new integration (new command) with hundreds of third-party systems through the Prometheus protocol. The new command lets you monitor external services on a node where the pmm-agent is installed.
We have also addressed many bugs, including QAN calculations when a slow log rate limit is used and fixed the empty Evn label issue. For a comprehensive view of this release please refer to the release notes. Download it today and give it a try!