Security

Postgresql_fdw Authentication Changes in PostgreSQL 13

Postgresql_fdw Authentication Changes in PostgreSQL 13

PostgreSQL 13 is released with some cool features, such as index enhancement, partition enhancements, and many others. Along with these enhancements, there are some security-related enhancements that require some explanation. There are two major ones: one is related to libpq and the other is related to postgres_fdw. As it is known that postgres_fdw  is […]

Read more

Using Security Threat Tool and Alertmanager in Percona Monitoring and Management

security threat tool percona monitoring and management

With version 2.9.1 of Percona Monitoring and Management (PMM) we delivered some new improvements to its Security Threat Tool (STT).
Aside from an updated user interface, you now have the ability to run STT checks manually at any time, instead of waiting for the normal 24 hours check cycle. This can be useful if, for […]

Read more

Using Security Definer to Monitor PostgreSQL 9.6 or Earlier Using Percona Monitoring and Management

security definer postgresql

I have previously written a blog post on the detailed steps involved in enabling PostgreSQL monitoring using PMM. In that post, you could see me talking about the role: pg_monitor that can be granted to monitoring users. The
pg_monitor role restricts a monitoring user from accessing user data but only grants access to statistic […]

Read more

MongoDB 101: 5 Configuration Options That Impact Security (And How to Set Them)

MongoDB Security

As with any database platform, MongoDB security is of paramount importance to keeping your data safe.  MongoDB and other data platforms like Redis and Elasticsearch are often in the news for data breaches because of misconfigured settings in the database.  So how do you keep you and your company’s data from being compromised and […]

Read more

Securing MongoDB: Top Five Security Concerns

securing mongodb

“I think most of the time hackers behind the attacks do it just for fun, because they can and because it’s very simple”, — says Diachenko. Source: “Meowing” attack completely destroyed more than 1000 databases
These are the words of Bob Diachenko, one of the most respected cybersecurity researchers in relation to the last “Meowing” […]

Read more