Tag - security

MongoDB Authentication and Roles: Creating Your First Personalized Role

MongoDB Authentication and Roles

In this blog post, we’ll walk through the native MongoDB authentication and roles, and learn how to create personalized roles. It is a continuation of Securing MongoDB instances.

As said before, MongoDB features a few authentication methods and built-in roles that offer great control of both who is connecting to the database and what they are allowed […]

Read more

Percona Server for MySQL in Docker Swarm with Secrets

This quick post demonstrates using Percona Server for MySQL in Docker Swarm with some new authentication provisioning practices.
Some small changes to the startup script for the Percona-Server container image allows us to specify a file that contains password values to set as our root user’s secret. “Why do we need this functionality,” I hear you cry? When we […]

Read more

MongoDB Audit Log: Why and How

MMAPv1

This blog post is another in the series on the Percona Server for MongoDB 3.4 bundle release. In this blog post, we’ll talk about the MongoDB audit log.
Percona’s development team has always invested in the open-source community a priority – especially for MongoDB. As part of this commitment, Percona continues to build MongoDB Enterprise […]

Read more

MySQL Ransomware: Open Source Database Security Part 3

MySQL Ransomware

This blog post examines the recent MySQL® ransomware attacks, and what open source database security best practices could have prevented them.
Unless you’ve been living under a rock, you know that there has been an uptick in ransomware for MongoDB and Elasticsearch deployments. Recently, we’re seeing the same for MySQL.
Let’s look and see if this is MySQL’s fault.
Other […]

Read more

Webinar Thursday, February 23, 2017: Troubleshooting MySQL Access Privileges Issues

Troubleshooting MySQL Access Privileges

Please join Sveta Smirnova, Percona’s Principal Technical Services Engineer, as she presents Troubleshooting MySQL Access Privileges Issues on
February 23, 2017 at 11:00 am PST / 2:00 pm EST (UTC-8).

Do you have registered users who can’t connect to the MySQL server? Strangers modifying data to which they shouldn’t have access?

MySQL supports a rich set of […]

Read more

MongoDB Ransomware: Not Likely, But How Do You Know?

MongoDB Ransomware

In this blog post, we’ll look at some of the concerns recently seen around MongoDB ransomware and security issues.
Security blogs and magazines have recently been aflutter with the news that a hacker is stealing data from MongoDB instantiations and demanding bitcoins to get the data back. This sounds pretty bad at first glance, but […]

Read more

Is Your Database Affected by CVE-2016-6662?

CVE-2016-9962

In this blog post, I will discuss the CVE-2016-6662 vulnerability, how to tell if it affects you, and how to prevent the vulnerability from affecting you if you have an older version of MySQL.
I’ll also list which MySQL versions include the vulnerability fixes.
As we announced in a previous post, there are certain scenarios in Percona […]

Read more

Percona Live Europe featured talk with Ronald Bradford — Securing your MySQL/MariaDB data

Percona Live Europe featured talk

Welcome to another Percona Live Europe featured talk with Percona Live Europe 2016: Amsterdam speakers! In this series of blogs, we’ll highlight some of the speakers that will be at this year’s conference. We’ll also discuss the technologies and outlooks of the speakers themselves. Make sure to read to the end to get a special Percona Live […]

Read more

Webinar Thursday, September 1 – MongoDB Security: A Practical Approach

Percona MySQL and MongoDB Webinars

Please join David Murphy as he presents a webinar Thursday, September 1 at 10 am PDT (UTC-7) on MongoDB Security: A Practical Approach. (Date changed*)

This webinar will discuss the many features and options available in the MongoDB community to help secure your database environment. First, we will cover how these features work and how to […]

Read more