-
Notifications
You must be signed in to change notification settings - Fork 1.7k
/
security.txt
133 lines (94 loc) · 3.73 KB
/
security.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
.. _security:
========
Security
========
.. contents:: On this page
:local:
:backlinks: none
:depth: 1
:class: singlecol
.. default-domain:: mongodb
.. facet::
:name: genre
:values: reference
.. meta::
:description: Secure MongoDB deployments. Use authentication, access control, and encryption features to safeguard data.
MongoDB provides various features, such as authentication, access
control, encryption, to secure your MongoDB deployments. Some key
security features include:
.. list-table::
:header-rows: 1
:widths: 20 20 20 20 20
* - Authentication
- Authorization
- TLS/SSL
- Enterprise Only
- Encryption
* - :doc:`/core/authentication`
:doc:`/core/security-scram`
:doc:`/core/security-x.509`
- :doc:`/core/authorization`
:doc:`/tutorial/enable-authentication`
:doc:`/tutorial/manage-users-and-roles`
- :doc:`/core/security-transport-encryption`
:doc:`/tutorial/configure-ssl`
:doc:`/tutorial/configure-ssl-clients`
- :doc:`/core/kerberos`
:doc:`/core/security-ldap`
:doc:`/core/oidc/security-oidc`
:doc:`/core/auditing`
:ref:`log-message-log-redaction`
- :ref:`qe-manual-feature-qe`
:ref:`manual-csfle-feature`
:ref:`security-encryption-at-rest`
:ref:`transport-encryption`
Secure Your {+atlas+} Deployments
----------------------------------------
{+atlas+}, the fully managed service for MongoDB deployments
in the cloud, comes preconfigured with secure default settings.
Atlas also provides the following key security features:
.. list-table::
:header-rows: 1
:widths: 30 70
* - Security Feature
- Description
* - Authentication and Authorization
- In Atlas, you configure database users to access your
deployments. Atlas provides various ways to perform
user authentication and authorization,
including LDAP, OIDC, and X.509. To learn more, see
:atlas:`Configure Authentication and Authorization
</security/config-db-auth/>`.
* - Encryption
- By default, Atlas encrypts all data stored in your
deployments and uses TLS/SSL to encrypt the connections to your
databases. To add another layer of security, you can configure
:atlas:`Encryption at Rest using Customer Key Management
</security-kms-encryption>`.
* - IP Access List
- Atlas allows connections only from addresses specified in
the IP access list. To learn how to manage client connections
in Atlas, see :atlas:`Configure IP Access List Entries
</security/ip-access-list/>`.
* - Cloud Provider Support
- Atlas supports network peering connections and private endpoints
to secure your deployments hosted on AWS, Azure, and Google Cloud.
To learn more, see :atlas:`Set Up a Network Peering Connection
</security-vpc-peering/>` and :atlas:`Configure Private Endpoints
</security-configure-private-endpoints/>`.
For a full list of security features in Atlas, see
:atlas:`Security Features for Clusters </setup-cluster-security/>`.
Report Suspected Security Bugs
------------------------------
If you suspect you have `identified a security bug
<https://www.mongodb.com/company/contact/mongodb-vulnerability-disclosure-policy>`_
on any MongoDB products, please submit the issue using our
`Security Bug Submission Form <https://www.mongodb.com/bug-submission-form>`_.
.. toctree::
:titlesonly:
:hidden:
SCRAM </core/security-scram>
x.509 </core/security-x.509>
Encryption </core/security-data-encryption>
Use Field Level Redaction </tutorial/implement-field-level-redaction>
Create a Vulnerability Report </tutorial/create-a-vulnerability-report>