Steffan Mejia, Principal Consulting Engineer, MongoDB
In this session, we will provide a practical and tactical overview of securing your MongoDB infrastructure. We will address the fundamentals of security and security philosophy. Specifically, we'll look at firewalls, managing logins, encryption, and securing backups. Some of the technologies we'll cover include AppArmor / SELinux, SSH/TLS, and LDAP. We will discuss security practices for MongoDB access control, auditing, at-rest encryption, key management, and securing backups. At the application layer, we will discuss how to avoid CSRF, and command injection.