MongoDB Authentication Scanning Modernization - LDAP saslauthd support

Tenable is updating Nessus plugins libraries to allow customers to have improved scanning of MongoDB databases on their systems. For years, Tenable products have supported scanning of MongoDB databases, and we have been working on supporting newer authentication mechanisms. Currently, Tenable products will support the older MONGODB-CR method, as well as SCRAM-SHA-1 method. For customers using MongoDB Enterprise, LDAP authentication to an Active Directory system (using saslauthd) is now available for use as well.

Impact

Customers currently executing MongoDB scans may now have increased ability to authenticate to MongoDB Enterprise instances using LDAP and SCRAM-SHA-1 authentication. 

Changes

No changes needed for existing scan policies. Expanded possibilities for MongoDB Enterprise LDAP scan authentication in customer environments where LDAP is supported.

Target Release Date

Immediate

--------------------------------------------------------------------------------------

Tenable Research Release Highlights are posted in advance of significant new releases or updates to existing plugins or audit files that are important for early customer notification.