“Dear #MongoDB users, we welcome you in #Azure #DocumentDB.”
That’s the heading on a February 16 Microsoft blog post that’s attempting to appeal to MongoDB devs who may have been affected and/or spooked by recent ransomware attacks on unsecured MongoDB databases.
In January, as many as 27,000 poorly configured MongoDB servers were compromised, with attackers wiping data and demanding ransom for its return.
In its blog post (which I found thanks to an article on The Register), Microsoft itemizes the ways it has secured Azure DocumentDB, including access control and authentication being enabled by default. Microsoft execs also noted in their pitch that DocumentDB supports the protocol for MongoDB, so developers can use DocumentDB as the datastore for apps written for MongoDB without those apps having to be rewritten.
Microsoft’s NoSQL alternative to the open-source MongoDB, Azure DocumentDB, has been around since 2014.
Microsoft’s attempt to capitalize on recent security problems involving MongoDB is a bit kinder and gentler than the usual Microsoft competitive pitches. The call to action at the end of the post suggests users check out tutorials and code samples. But a competitor is still a competitor…
Microsoft is building a ‘world graph’ for geographic data:
Source: SANS ISC SecNewsFeed @ February 17, 2017 at 09:42AM