MongoDB Security: Why Pay for Enterprise when Open Source Has You Covered?


Does ensuring MongoDB security justify the cost of the Enterprise version? In my opinion, the answer is no.
MongoDB Inc© blasted an email with a study showing that the average cost of a data breach can be $5.9M. You can find the key finding in IBM’s 2015 report here:
Key findings:
Data breaches cost the most in the US and […]


MySQL password expiration features to help you comply with PCI-DSS

password_expired feature which allows you to set a user’s password as expired.
This has been added to the mysql.user table and its default value is “N”. You can change it to “Y” using the ALTER USER statement.
Here’s a quick example of how to expire the password for a MySQL user account:


mysql> ALTER USER 'testuser'@'localhost' PASSWORD EXPIRE;


mysql> ALTER […]


OpenSSH CVE-2016-0777: Details and Mitigation


Earlier today advisories were sent out regarding OpenSSH versions 5.4 through 7.1, informing users about a security bug in the software. In essence, the advisory instructed people to add the UseRoaming no option to their ssh_config file, with a promise for further information to be made available shortly.

Add undocumented "UseRoaming no" to ssh_config or use "-oUseRoaming=no" […]


MongoDB and Percona TokuMX Security Guidelines

Several reports were published in the news about how easy it is to access data stored in some NoSQL systems, including MongoDB. This is not surprising because security was rather relaxed in earlier versions of MongoDB. This post lists some of the common vulnerabilities in MongoDB and Percona TokuMX.
Network Security
One key point is […]


Tips for avoiding malware from a lesson learned

In a recent article on the Percona blog, I recommended a tool called CamStudio to readers for making technical screen recordings. The blog post was very popular and got 300+ Facebook likes in a short time. Providentially though, a reader commented that the installer (as downloaded from the project website) installed “pretty annoying adware […]
