Posts

MongoDB is a popular NoSQL database that many organizations have adopted for its scalability and flexibility. With the rise in cyber attacks, however, MongoDB deployments have to be secured to prevent data breaches. As a security engineer, I had to face challenges while creating security checks and security plans for MongoDB. I am trying to collate the sweeter grapes of that journey in this write-up. Some resources might seem a bit high-level, but they can be used to get down to a granular level as per your org's setup or requirements. Let's begin :)

Authentication

MongoDB's authentication features let users access the database only after presenting valid credentials. MongoDB supports several authentication mechanisms, including LDAP, Kerberos, and x.509 certificates. However, SSO integration for authentication has been the best approach so far. There are various SSO providers; as an example you may use OKTA as SSO inte...
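The authentication settings discussed above can be checked offline against a node's effective configuration. The following is an added example, not code from the original post: it audits the `parsed` document that `db.adminCommand({getCmdLineOpts: 1})` returns (here two constructed sample documents, one weak and one hardened) for enforced authorization, bind address, TLS, cluster authentication mode and the client mechanisms allowed. The default set of mechanisms assumed when `setParameter.authenticationMechanisms` is unset is an assumption and is marked as such in the code.

```python
"""Offline audit of a mongod configuration for authentication-related settings.

Added example, not from the original post. Input is the `parsed` sub-document
of db.adminCommand({getCmdLineOpts: 1}); the two samples below are constructed.
"""
import json
import sys

# Constructed sample: roughly what an unhardened deployment looks like.
WEAK_CONFIG = {
    "net": {"bindIp": "0.0.0.0", "port": 27017},
    "security": {"authorization": "disabled"},
}

# Constructed sample: auth enforced, TLS required, x.509 between cluster
# members, SCRAM-SHA-1 removed from the allowed client mechanisms.
HARDENED_CONFIG = {
    "net": {
        "bindIp": "127.0.0.1,10.20.0.5",
        "port": 27017,
        "tls": {"mode": "requireTLS"},
    },
    "security": {"authorization": "enabled", "clusterAuthMode": "x509"},
    "setParameter": {"authenticationMechanisms": "SCRAM-SHA-256,MONGODB-X509"},
}

# Mechanisms to flag: MONGODB-CR is legacy, SCRAM-SHA-1 is weaker than SHA-256.
WEAK_MECHANISMS = {"MONGODB-CR", "SCRAM-SHA-1"}

# Assumption: when the parameter is unset, mongod accepts SCRAM-SHA-1 as well
# as SCRAM-SHA-256 and MONGODB-X509 for clients.
ASSUMED_DEFAULT_MECHANISMS = "MONGODB-X509,SCRAM-SHA-1,SCRAM-SHA-256"


def audit(parsed: dict) -> list:
    """Return a list of findings for one node; an empty list means none found."""
    findings = []
    net = parsed.get("net", {})
    security = parsed.get("security", {})
    params = parsed.get("setParameter", {})

    # 1. Are credentials checked at all? Without this every other control is moot.
    if security.get("authorization") != "enabled":
        findings.append("security.authorization is not 'enabled': clients can read "
                        "and write without credentials")

    # 2. Is the listener exposed on every interface?
    bind_ips = [ip.strip() for ip in str(net.get("bindIp", "127.0.0.1")).split(",")]
    if net.get("bindIpAll") or any(ip in ("0.0.0.0", "::") for ip in bind_ips):
        findings.append("net.bindIp exposes the listener on all interfaces; bind "
                        "only to the addresses the application tier uses")

    # 3. Are credentials and data protected in transit?
    tls_mode = net.get("tls", {}).get("mode", "disabled")
    if tls_mode != "requireTLS":
        findings.append(f"net.tls.mode is '{tls_mode}': passwords and data can "
                        "cross the network in cleartext")

    # 4. Cluster members: a keyFile is one shared secret, x.509 gives each node
    #    its own identity. Only relevant when the node is part of a cluster.
    cluster_mode = security.get("clusterAuthMode")
    if cluster_mode is not None and cluster_mode != "x509":
        findings.append(f"security.clusterAuthMode is '{cluster_mode}'; prefer x509")

    # 5. Which client mechanisms does the node accept?
    raw = str(params.get("authenticationMechanisms", ASSUMED_DEFAULT_MECHANISMS))
    allowed = {m.strip() for m in raw.split(",") if m.strip()}
    weak = sorted(allowed & WEAK_MECHANISMS)
    if weak:
        findings.append(f"weak client mechanisms allowed: {', '.join(weak)}; "
                        "restrict setParameter.authenticationMechanisms")
    return findings


if __name__ == "__main__":
    # Usage: python audit_mongod.py [getCmdLineOpts.json]; defaults to the samples.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            targets = {"file": json.load(fh).get("parsed", {})}
    else:
        targets = {"weak": WEAK_CONFIG, "hardened": HARDENED_CONFIG}
    for name, cfg in targets.items():
        print(f"[{name}]")
        for finding in audit(cfg) or ["no findings"]:
            print("  -", finding)
```

Feed it the JSON of `db.adminCommand({getCmdLineOpts: 1})` from each node in a deployment; the checks on the parsed options catch settings that a review of the config file alone misses when options are also passed on the command line.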

Demystifying SCADA Testing - P1

There is a big difference between doing pen-tests in IT and doing them in SCADA. Tools and methodology outlines will be almost the same, but the main concern is availability. You need to know certain things before attempting to find flaws in industrial networks. Otherwise, you won't realize why shift managers were rushing here and there while you were sitting in their control room with your test laptop.

Approach: Always remember that we are not trying to prove anything by breaking stuff ruthlessly. A PLC or RTU stuck in a loop can delay production for several hours, with not-so-funny consequences. While assessing cyber risk in plants, our aim should be clear. Here are a few points to keep in mind.

Find out unnecessary hosts in the network. These hosts may be legitimate; otherwise they are leaking into the plant network through a badly configured switch, or the plant team was badly stuck with finance and used a generic switch (those household TP-Link/D-Link devices). Try to impersonate...