
MongoDB Security Introduction - Presentation


Page 1: MongoDB Security Introduction - Presentation

SECURITY

Monika Mathur, Full Stack Developer

Habilelabs.io

Page 2

CONTENTS

1. Introduction to MongoDB security

2. Why MongoDB security is important

3. How to secure your MongoDB

Page 3

SECURITY

Page 4

Niall Merrigan, a security researcher and Microsoft developer based in Norway, has been tracking the MongoDB ransom incidents; in a single day he saw the number of attacked instances more than double, from 12,000 to 27,633.

SECURITY ATTACKS

Page 5

Attackers have been connecting to exposed databases, copying files, deleting everything and leaving a ransom note promising the return of the data for a fee. The instances hit were reachable from the internet and running without access control, so anyone who could reach port 27017 had full administrative access; researchers tracking the incidents found that the data was often dropped without ever being copied, so paying recovered nothing.

WHAT HACKERS DO WITH DATABASES

Page 6

SECURE YOUR DATABASE

Page 7

REFERENCE ARCHITECTURE

[Diagram: Clients, Administrators and Storage around the database, with the four control layers the rest of the deck walks through: Authentication, Authorization, Auditing, Encryption]

Page 8

AUTHENTICATION

[Diagram: reference architecture with the Authentication layer highlighted]

Authentication establishes who is talking to the database:

• Clients: which users/apps are accessing the DB?

• Storage (replica set and cluster members): which nodes are joining the cluster?

• Administrators: which users are accessing the DB?

Page 9

AUTHENTICATION MECHANISM

Client/User Auth

• SCRAM-SHA-1 (the default since MongoDB 3.0; SCRAM-SHA-256 was added in 4.0)

• MONGODB-CR (legacy challenge-response; deprecated in 3.0 and removed in 4.0)

• X.509 (client certificates)

• LDAP

• Kerberos

Internal Auth (between replica set / cluster members)

• Keyfile (the shared key is used as the password in a SCRAM-SHA-1 exchange)

• X.509 (member certificates)

Page 10

AUTHENTICATION MECHANISM

Which mechanisms ship with which edition:

SCRAM-SHA-1   Community (and Enterprise)
MONGODB-CR    Community (and Enterprise)
X.509         Community (and Enterprise)
LDAP          Enterprise only
Kerberos      Enterprise only

Page 11

AUTHORIZATION

[Diagram: reference architecture with the Authorization layer highlighted]

Authorization decides what an authenticated identity may do:

• Clients: what permissions does an app have? What data can a user see?

• Administrators: what permissions does an admin have? What data can an admin see?

Page 12

WHY ROLE-BASED ACCESS CONTROL

Page 13

BUILT-IN ROLES

Page 14

USER-DEFINED ROLES

Page 15

ACTIONS

Page 16

RESOURCES
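How the four preceding slides fit together (built-in roles, user-defined roles, actions, resources), as an added example that is not from the slides: a user-defined role in exactly the form db.createRole() accepts, and a small model of the server's privilege check that matches a granted resource pattern against a requested resource. The model, the role, the checks and the one-entry table of built-in roles are constructed here for illustration; they are not MongoDB's own code.

```javascript
// Added example (not from the slides): a user-defined role as passed to db.createRole(),
// plus a model of how a privilege (actions on a resource) is matched against a request.
// The resource forms are MongoDB's; the matching code and the built-in role table are a
// constructed illustration, not the server's implementation.

// A role for an application that manages stock in the "shop" database.
// In mongosh:  use admin; db.createRole(inventoryManagerRole)
const inventoryManagerRole = {
  role: "inventoryManager",
  privileges: [
    // actions on one specific collection
    { resource: { db: "shop", collection: "inventory" }, actions: ["find", "insert", "update", "remove"] },
    // collection: "" means every non-system collection in that database
    { resource: { db: "shop", collection: "" }, actions: ["find"] },
    // a cluster-wide action, not tied to any database
    { resource: { cluster: true }, actions: ["listDatabases"] },
  ],
  // inherit a built-in role, scoped to a different database
  roles: [{ role: "read", db: "reporting" }],
};

// Constructed subset of the built-in roles, just enough to resolve the inheritance above.
const builtInRoles = {
  read: (db) => [{ resource: { db, collection: "" }, actions: ["find", "listCollections", "listIndexes"] }],
};

// Does a granted resource pattern cover the requested resource?
function resourceMatches(granted, requested) {
  if (granted.anyResource) return true;
  if ("cluster" in granted || "cluster" in requested) {
    return granted.cluster === true && requested.cluster === true;
  }
  // the wildcard forms never cover system collections such as system.users or system.roles
  const isSystem = requested.collection.startsWith("system.");
  const dbOk = granted.db === "" || granted.db === requested.db;
  const collOk = granted.collection === requested.collection || (granted.collection === "" && !isSystem);
  return dbOk && collOk;
}

// Flatten a role's own privileges plus those of the roles it inherits.
function effectivePrivileges(role) {
  const privileges = [...role.privileges];
  for (const inherited of role.roles || []) {
    const expand = builtInRoles[inherited.role];
    if (!expand) throw new Error(`role not in the constructed table: ${inherited.role}`);
    privileges.push(...expand(inherited.db));
  }
  return privileges;
}

function isAuthorized(role, action, resource) {
  return effectivePrivileges(role).some(
    (p) => p.actions.includes(action) && resourceMatches(p.resource, resource));
}

// Requests an application might make (constructed), with the expected decision.
const checks = [
  ["remove", { db: "shop", collection: "inventory" }],      // true: explicit grant
  ["find", { db: "shop", collection: "orders" }],           // true: db-wide find
  ["insert", { db: "shop", collection: "orders" }],         // false: insert only on inventory
  ["find", { db: "shop", collection: "system.users" }],     // false: wildcard excludes system.*
  ["find", { db: "reporting", collection: "sales" }],       // true: inherited read role
  ["listDatabases", { cluster: true }],                     // true: cluster resource
  ["dropDatabase", { db: "shop", collection: "" }],         // false: never granted
];
for (const [action, resource] of checks) {
  console.log(action.padEnd(14), JSON.stringify(resource), isAuthorized(inventoryManagerRole, action, resource));
}

// Bind the role to an application user (mongosh):
// db.createUser({ user: "stock-app", pwd: passwordPrompt(),
//                 roles: [{ role: "inventoryManager", db: "admin" }] })
```

The role is deliberately narrower than the built-in readWrite on "shop": the application can modify one collection and only read the rest, and it gets no dropDatabase, createUser or other administrative action at all. That is the property that limits what a compromised application credential can do, which the built-in dbOwner or root would not.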

Page 17

AUDITING

[Diagram: reference architecture with the Auditing layer highlighted]

Auditing records, for clients and administrators alike: who made which changes, and when?

Page 18

AUDITING

1. Add accountability

2. Investigate suspicious activity

3. Monitor database activity
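The three items above in practice, as an added example that is not from the slides: a scan over MongoDB audit log output that flags a password-guessing run and attributes the privileged changes that followed it. Auditing is a MongoDB Enterprise feature; with auditLog.destination set to file and format to JSON, mongod writes one JSON document per event with the fields used here (atype, ts, local, remote, users, roles, param, result), and the result codes 0 (success), 18 (AuthenticationFailed) and 13 (Unauthorized) are MongoDB's. The events themselves, the thresholds and the finding names are constructed for this example.

```javascript
// Added example (not from the slides): finding suspicious activity and attributing changes
// in MongoDB audit log output. Auditing is MongoDB Enterprise only; a mongod.conf of
//   auditLog:
//     destination: file
//     format: JSON
//     path: /var/log/mongodb/audit.json
// writes one JSON document per event. Field layout and result codes are MongoDB's;
// the events below are constructed for this example.

const mk = (atype, ts, ip, users, param, result) => JSON.stringify({
  atype, ts: { $date: ts },
  local: { ip: "10.0.0.10", port: 27017 }, remote: { ip, port: 40000 },
  users, roles: users.length ? [{ role: "root", db: "admin" }] : [],
  param, result,
});
const admin = [{ user: "admin", db: "admin" }];
const adminLogin = { user: "admin", db: "admin", mechanism: "SCRAM-SHA-1" };
const appLogin = { user: "app", db: "shop", mechanism: "SCRAM-SHA-1" };

// Constructed audit log: a guessing run from an outside address that eventually succeeds,
// then a dropped database and a new root user, followed by ordinary application traffic.
// (Real logs carry a timezone offset in $date; "Z" is used here for portable parsing.)
const sampleAuditLog = [
  mk("authenticate", "2017-01-09T08:00:01Z", "198.51.100.7", [], adminLogin, 18),
  mk("authenticate", "2017-01-09T08:00:02Z", "198.51.100.7", [], adminLogin, 18),
  mk("authenticate", "2017-01-09T08:00:03Z", "198.51.100.7", [], adminLogin, 18),
  mk("authenticate", "2017-01-09T08:00:04Z", "198.51.100.7", [], adminLogin, 18),
  mk("authenticate", "2017-01-09T08:00:05Z", "198.51.100.7", [], adminLogin, 18),
  mk("authenticate", "2017-01-09T08:00:06Z", "198.51.100.7", [], adminLogin, 0),
  mk("dropDatabase", "2017-01-09T08:00:09Z", "198.51.100.7", admin, { ns: "customers" }, 0),
  mk("createUser", "2017-01-09T08:00:12Z", "198.51.100.7", admin,
    { user: "svc", db: "admin", roles: [{ role: "root", db: "admin" }] }, 0),
  mk("authenticate", "2017-01-09T09:15:00Z", "10.0.0.5", [], appLogin, 0),
  mk("authenticate", "2017-01-09T09:16:00Z", "10.0.0.5", [], appLogin, 18),
].join("\n");

// Audit event types that change who can do what, or destroy data.
const PRIVILEGED = ["dropDatabase", "dropCollection", "createUser", "updateUser",
  "grantRolesToUser", "createRole", "updateRole", "grantPrivilegesToRole"];

function analyzeAuditLog(text, { windowMs = 60000, failThreshold = 5 } = {}) {
  const findings = [];
  const failures = new Map();  // remote ip -> timestamps of recent failed authentications
  for (const line of text.split("\n").filter(Boolean)) {
    const e = JSON.parse(line);
    const ts = new Date(e.ts.$date).getTime();
    const ip = e.remote.ip;
    if (e.atype === "authenticate") {
      const recent = (failures.get(ip) || []).filter((t) => ts - t <= windowMs);
      if (e.result === 18) {
        recent.push(ts);
        failures.set(ip, recent);
        if (recent.length === failThreshold) {
          findings.push({ kind: "auth-bruteforce", ip, user: e.param.user, count: recent.length, at: e.ts.$date });
        }
      } else if (e.result === 0 && recent.length >= failThreshold) {
        findings.push({ kind: "login-after-bruteforce", ip, user: e.param.user, at: e.ts.$date });
      }
    }
    // accountability: every successful privileged change, with the identity that made it
    if (PRIVILEGED.includes(e.atype) && e.result === 0) {
      const by = e.users.map((u) => `${u.user}@${u.db}`).join(",") || "(unauthenticated)";
      findings.push({ kind: "privileged-change", ip, atype: e.atype, by, param: e.param, at: e.ts.$date });
    }
  }
  return findings;
}

console.log(analyzeAuditLog(sampleAuditLog));
```

On a server running without access control there would be no authenticate events at all and the users array on the dropDatabase event would be empty, which is exactly what the "(unauthenticated)" label is for: an audit trail that cannot name anyone is itself a finding.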

Page 19

AUDITING

Page 20

ENCRYPTION

[Diagram: reference architecture with the Encryption layer highlighted]

• Clients to database: SSL/TLS encryption

• Administrators to database: SSL/TLS encryption

• Storage: file system encryption

Page 21

ENCRYPTION TYPES

1. Transport Encryption

2. Encryption at rest
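Both encryption types, together with the access-control settings from the "secure your database" part of the deck, as one checklist in code. This is an added example, not from the slides: it runs over two constructed mongod.conf documents in object form (the weak one the ransomed instances were effectively running, and a hardened one) and reports what is missing. The option names (net.bindIp, net.bindIpAll, security.authorization, net.tls and its pre-4.2 spelling net.ssl, security.keyFile, security.clusterAuthMode, security.enableEncryption, security.encryptionKeyFile, security.kmip, auditLog) are mongod's; the severity labels and the wording of the findings are this example's own.

```javascript
// Added example (not from the slides): a hardening check over mongod configuration.
// Option names are mongod's (YAML keys written here as nested objects); the two configs,
// the severities and the messages are constructed for this example.

// What many instances hit by the ransom attacks looked like: listens everywhere, no auth.
const weakConfig = {
  net: { port: 27017, bindIp: "0.0.0.0" },
  storage: { dbPath: "/var/lib/mongodb" },
  // no security section: authorization is off by default
};

const hardenedConfig = {
  net: {
    port: 27017,
    bindIp: "127.0.0.1,10.0.0.10",
    tls: { mode: "requireTLS", certificateKeyFile: "/etc/ssl/mongod.pem", CAFile: "/etc/ssl/ca.pem" },
  },
  security: {
    authorization: "enabled",
    keyFile: "/etc/mongod/keyfile",                  // internal auth; or clusterAuthMode: x509
    enableEncryption: true,                            // Enterprise encrypted storage engine
    encryptionKeyFile: "/etc/mongod/master.key",       // local master key; KMIP keeps it off-host
  },
  auditLog: { destination: "file", format: "JSON", path: "/var/log/mongodb/audit.json" },
};

function checkMongodConfig(cfg) {
  const get = (path) => path.split(".").reduce((o, k) => (o == null ? undefined : o[k]), cfg);
  const findings = [];
  const flag = (severity, setting, message) => findings.push({ severity, setting, message });

  // exposure: the precondition for the ransom attacks
  const bindIp = get("net.bindIp");
  if (get("net.bindIpAll") === true || /(^|,)\s*(0\.0\.0\.0|::)\s*(,|$)/.test(bindIp || "")) {
    flag("HIGH", "net.bindIp", "listens on all interfaces; bind to localhost/private addresses and firewall the port");
  } else if (bindIp === undefined) {
    flag("MEDIUM", "net.bindIp", "unset: relies on the package default, which was all interfaces before 3.6");
  }
  // authentication and authorization
  if (get("security.authorization") !== "enabled") {
    flag("HIGH", "security.authorization", "access control is off: any client that can connect has full administrative access");
  }
  if (!get("security.keyFile") && !/x509/i.test(get("security.clusterAuthMode") || "")) {
    flag("MEDIUM", "security.keyFile", "no internal authentication (keyFile or x.509) for replica set / cluster members");
  }
  // transport encryption (net.ssl is the pre-4.2 spelling of net.tls)
  const tls = get("net.tls") || get("net.ssl") || {};
  const mode = tls.mode || "disabled";
  if (mode === "disabled") {
    flag("HIGH", "net.tls.mode", "no transport encryption: credentials and data cross the network in clear text");
  } else if (!/^require/.test(mode)) {
    flag("MEDIUM", "net.tls.mode", `${mode} still accepts plaintext connections; use requireTLS`);
  } else if (!tls.CAFile) {
    flag("MEDIUM", "net.tls.CAFile", "no CA configured, so client and member certificates cannot be verified");
  }
  // encryption at rest
  if (get("security.enableEncryption") !== true) {
    flag("LOW", "security.enableEncryption", "no encryption at rest (Enterprise option); otherwise encrypt the dbPath volume");
  } else if (get("security.encryptionKeyFile") && !get("security.kmip.serverName")) {
    flag("INFO", "security.encryptionKeyFile", "master key is stored on the same host as the data; a KMIP server keeps it off the box");
  }
  // auditing
  if (!get("auditLog.destination")) {
    flag("LOW", "auditLog.destination", "auditing is off (Enterprise option): changes cannot be attributed");
  }
  return findings;
}

for (const [name, cfg] of [["weak", weakConfig], ["hardened", hardenedConfig]]) {
  console.log(`== ${name} ==`);
  for (const f of checkMongodConfig(cfg)) console.log(`${f.severity.padEnd(6)} ${f.setting}: ${f.message}`);
}
```

The order of the checks is the order a practitioner fixes them: an instance that is not reachable from the internet and refuses unauthenticated clients is no longer a ransom target, TLS then protects the credentials that access control now depends on, and encryption at rest and auditing close the remaining gaps (a stolen disk or backup, and changes nobody can attribute).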

Page 22

TRANSPORT ENCRYPTION

Page 23

ENCRYPTION AT REST

Page 24

Thank You

Page 25

CONTACT US

• Development Center :Habilelabs Pvt. Ltd.4th Floor, I.G.M. Senior Secondary Public School Campus,Sec-93 Agarwal Farm, Mansarovar, Jaipur(Raj.) – 302020

• Email : [email protected]

• Web : https://habilelabs.io

• Telephone: +91-9828247415 / +91-9887992695