by Ibrar Ahmed | Aug 23, 2021 | Insight for DBAs, PostgreSQL, Security
Security is everybody’s concern when talking about data and information, and therefore it becomes the main foundation of every database. Security means protecting your data from unauthorized access. That means only authorized users can log in to a system called...
by Robert Bernier | Jun 28, 2021 | Insight for DBAs, Open Source, PostgreSQL, Security
PgBouncer is a great piece of technology! Over the years I’ve put it to good use in any number of situations requiring a particular type of control over application processes connecting to a postgres data cluster. However, sometimes it’s been a bit of a...
by Marco Tusa | Jun 15, 2021 | Insight for DBAs, MySQL, Security
When organizing things helps to simplify life. In the previous article, we start to explore dynamic privileges and the interaction with static ones. We also saw how to remove SUPER privilege from a DBA account. What we did was go by subtraction. But in real life, we...
by IP | Jun 10, 2021 | Cloud, MongoDB, Security
MongoDB supports multiple authentication mechanisms, including the default one SCRAM, LDAP, Kerberos, and x.509 Certificate Authentication. In the X.509 system, which will be the main point of this blog post, an organization can identify its entities using a pair of...
by Jean da Silva | Jun 2, 2021 | Cloud, MongoDB, Percona Software, Security
One of the main topics we have today is surely about security. On a daily routine, this can pass unnoticed, but sooner or later, we have to implement or work on some security guidelines. And today, we are going to discuss one of them, which is Field Encryption. ...
by Ibrar Ahmed | Feb 1, 2021 | Insight for DBAs, PostgreSQL, Security
Recently, I wrote an overview about what you need to know about PostgreSQL security. For this post, I want to write about PostgreSQL authentication. It is divided into three categories: 1. PostgreSQL Internal Authentication, 2. OS-based Authentication, and 3. External...
by Mike Grayson | Jan 26, 2021 | Insight for DBAs, MongoDB, Monitoring, Percona Software
Percona Monitoring and Management (PMM) is a great way to monitor your MongoDB deployment for things like memory, CPU, inter-database metrics like wiredTiger cache utilization, read/write ticket utilization, Query Analytics, and many, many more. Did you know that in...
by Brian Sumpter | Jan 7, 2021 | Database Trends, MySQL, Percona Services, Security
In previous TAM Enterprise Experiences posts, we have outlined typical aspects of utilizing MySQL in an Enterprise environment. One thing we have not yet covered is the topic of database encryption, both from the standpoint of business requirements as well as some of...
by Corrado Pandiani | Dec 9, 2020 | Insight for DBAs, Monitoring, Percona Software, Security
Whichever way you installed Percona Monitoring and Management 2 (PMM2), using the docker image or an OVF image for your supported virtualized environment, PMM2 enables, by default, two ports for the web connections: 80 for HTTP and 443 for HTTPS. Using HTTPS...
by Peter Zaitsev | Dec 7, 2020 | MySQL, Open Source, Security
As you may know, MySQL 5.6 will reach EOL (“End of Life”) in February 2021. This means in about two months, there will be no more updates, and more importantly, no more security fixes for discovered vulnerabilities. You may be well ahead of the curve...
by Charly Batista | Dec 4, 2020 | MySQL, Open Source, Security
Getting MySQL working with self-signed SSL certificates is pretty simple. Having it working with a certificate signed by a trusted authority is also very simple, we just need to set the correct path and privileges to the file. The problem comes when we need to make...
by Ibrar Ahmed | Sep 30, 2020 | PostgreSQL, Security
PostgreSQL 13 is released with some cool features, such as index enhancement, partition enhancements, and many others. Along with these enhancements, there are some security-related enhancements that require some explanation. There are two major ones: one is related...
by Nicola Lamacchia | Sep 29, 2020 | Insight for Developers, Monitoring, Percona Software, Security
With version 2.9.1 of Percona Monitoring and Management (PMM) we delivered some new improvements to its Security Threat Tool (STT). Aside from an updated user interface, you now have the ability to run STT checks manually at any time, instead of waiting for the normal...
by Avinash Vallarapu | Sep 22, 2020 | Monitoring, Percona Software, PostgreSQL, Security
I have previously written a blog post on the detailed steps involved in enabling PostgreSQL monitoring using PMM. In that post, you could see me talking about the role: pg_monitor that can be granted to monitoring users. The pg_monitor role restricts a monitoring user...
by Mike Grayson | Sep 21, 2020 | Insight for DBAs, Insight for Developers, MongoDB, Security
As with any database platform, MongoDB security is of paramount importance to keeping your data safe. MongoDB and other data platforms like Redis and Elasticsearch are often in the news for data breaches because of misconfigured settings in the database. So how do...
by Matt Yonkovit | Aug 5, 2020 | Database Trends, Insight for DBAs, Security
How many times have we seen this headline lately: “X million records leaked in data breach”? The answer is, too many! In fact, because “millions of records” are starting to leak so frequently, larger news outlets are not covering the “smaller” leaks as often as they...
by Daniel Guzmán Burgos | Jul 22, 2020 | Insight for DBAs, Monitoring, Percona Software, Security
The Security Threat Tool has been available since Percona Monitoring and Management 2.6.0 (PMM) and starting from that first release it is proving to be a severely-needed feature. If you’re not familiar with the Security Threat Tool (STT), it helps you to ensure...
by David Quilty | Jul 8, 2020 | MongoDB, Security, Webinars
MongoDB, like most any other commercial database you might care to name, has these five security subsystems: Authentication Authorization Network Encryption Data-at-rest Encryption Auditing In this on-demand webinar, you’ll first learn which threat each of the...
by David Quilty | Jul 1, 2020 | Monitoring, Percona Software, Security, Webinars
Data breaches seem to be a daily occurrence, so much so that seeing an article about the latest company to fall victim draws little attention outside of those immediately impacted. That is of course unless that company is yours and data security is your...
by Artem Gavrilov | Jun 29, 2020 | Insight for Developers, Monitoring, Percona Software, Security
Security Threat Tool (STT) is the new Percona Monitoring and Management (PMM) feature. It provides the ability to run automated security checks across all of your databases and detect potential security problems. For example: empty or default passwords, weak security...
