Articles on Security

NewsBits: Cloudbleed, SHAttered, Drones, PostgreSQL and JDBC, Node's async and Rails 5.1 betas

NewsBits: Cloudbleed, SHAttered, Drones, PostgreSQL and JDBC, Node's async and Rails 5.1 betas

Newsbits for the week ending February 24th - Cloudbleed sees Cloudflare leak secrets, SHA1 collisions made real, Drones vs Ai…

Dj Walker-Morgan
Dj Walker-Morgan
MongoDB and Ransomware

MongoDB and Ransomware

Recent reports in the news of MongoDB databases being hacked are not new but the ransoms demanded for the return of data is a…

Dj Walker-Morgan
Dj Walker-Morgan
Do you know why Compose proxies database connections?

Do you know why Compose proxies database connections?

TL;DR: We use proxies to enable SSL, High Availability and Whitelisting. Because we care. Observant users of Compose will hav…

Dj Walker-Morgan
Dj Walker-Morgan
Introducing FIDO Universal 2nd Factor Authentication

Introducing FIDO Universal 2nd Factor Authentication

To better help you ensure your account is safe and secure with Compose, we've expanded our authentication system to support F…

Thom Crowe
Thom Crowe
Compose's Little Bits #16 - PostgreSQL, RethinkDB, LIGO, htop

Compose's Little Bits #16 - PostgreSQL, RethinkDB, LIGO, htop

PostgreSQL updates and advice, RethinkDB on Windows, SQL querying LIGO data, CSV on the Web, Parse updates, htop, securityhea…

Dj Walker-Morgan
Dj Walker-Morgan
PLV8 for PostgreSQL and CIDR for all

PLV8 for PostgreSQL and CIDR for all

We've been making some small, but significant, enhancements to your database experience at Compose, so we thought now would b…

Dj Walker-Morgan
Dj Walker-Morgan
We're Applying The Redis Security Fix Now

We're Applying The Redis Security Fix Now

Redis users on Compose are being updated to Redis 2.8.21. Although it is a minor version update from 2.8.20 it includes a fix…

Dj Walker-Morgan
Dj Walker-Morgan
Elasticsearch Security Update - Groovy Scripting Dropped

Elasticsearch Security Update - Groovy Scripting Dropped

Last month, Elasticsearch disclosed a security vulnerability in the database's Groovy dynamic scripting and the sandbox desi…

Dj Walker-Morgan
Dj Walker-Morgan
Lock Your MongoDB: Don’t Be Too Open for Business

Lock Your MongoDB: Don’t Be Too Open for Business

If we needed reminding about security, a recently published paper "MongoDB databases at risk", has run a port scan and identi…

Dj Walker-Morgan
Dj Walker-Morgan
Security: How We Are Responding to the Ghost Vulnerability

Security: How We Are Responding to the Ghost Vulnerability

Excuse us while while our Operations team do some Ghostbusting. A recently disclosed security flaw, given the name Ghost but…

Dj Walker-Morgan
Dj Walker-Morgan
How to Securely Access Your Compose Databases

How to Securely Access Your Compose Databases

Our new access portals, available on Elasticsearch, RethinkDB and Redis have had people asking us which one should they use,…

Dj Walker-Morgan
Dj Walker-Morgan
Elasticsearch IP Whitelisting & Phonetic Plugins

Elasticsearch IP Whitelisting & Phonetic Plugins

IP Whitelists for Elasticsearch Compose users who've been trying out the Elasticsearch beta will notice a new Security tab in…

Dj Walker-Morgan
Dj Walker-Morgan

Two-Factor Authentication Made Authfully Easy

We’re excited to announce today that we’re taking Authful -- our API for Two Factor Authentication (2FA), which we believe is…

Default avatar The default author avatar
Lisa Bergamo

Two-Factor Authentication & Security Auditing Now Available for all MongoHQ Accounts

Today, we’re rolling out two new security features to help all MongoHQ users to take control of their account security: two-…

Elisabeth Morgan
Elisabeth Morgan

Encrypting Sensitive Data in Your MongoDB Database

With MongoDB making its way into different, and sometime sensitive, applications, we are helping customers with a number of q…

Paul Rubin
Paul Rubin