Stay Ahead With Linux Security Features
security advisory attack A Linux server gets cleaned up after an intrusion. The suspicious process is terminated, credentials are rotated, and the system is rebooted during maintenance. Everything seems secure. A few hours later, the same outbound connection appears again. . Situations like that point to persistence . The attacker no longer needs the original exploit because something on the host continues restoring access behind the scenes. Finding that mechanism is often more important than understanding how the...
Jun 08, 2026
threat detection scalability Building a SIEM is easier than scaling one. Most open-source deployments start as a simple "all-in-one" server. It is easy to set up, but that design rarely survives the transition from a lab to a production workload. . A SIEM watching 20 endpoints is not doing the same job as one watching 500. More endpoints mean more logs; more logs require more storage; more storage makes search heavier. Eventually, the very architecture that made your lab easy to deploy becomes the reason your production...
Jun 04, 2026
security advisory apache A newly disclosed attack technique called HTTP/2 Bomb is drawing attention because it targets the software that sits at the front of much of the Linux internet. Apache HTTP Server, NGINX, Envoy, and the ingress layers that many Kubernetes environments depend on can be forced into consuming disproportionate amounts of memory using relatively small amounts of attacker traffic. . For Linux administrators, the concern is not the HTTP/2 protocol itself. It is the possibility that a single...
Jun 04, 2026
security advisory important The compromise of Nx Console shows how much infrastructure now sits behind a single developer account. GitHub repositories, CI/CD pipelines, container build systems, Terraform projects, Kubernetes deployments. None of those systems was the initial target. The workstation was. . Attackers did not need a Linux privilege escalation bug or a remote code execution chain. They needed developers to trust a tool they were already using. For many organizations, that was enough. What Happened? Federal...
Jun 03, 2026
security advisory open-source You remove the malware. You rotate the compromised credentials. You patch the original vulnerability and close the ticket. Two weeks later, the attacker is back. . What happened? You didn't lose the battle at the exploit; you lost it at the cleanup. In many modern Linux intrusions, the malware you found wasn't the main problem—it was the fallback mechanisms left behind. These hooks quietly restore attacker access the moment you look away. If you clean a host but miss these persistence layers,...
Jun 02, 2026
Refine features
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security features
We found -2 articles for you...
102
security advisoryopen sourcedatabaseRavenDB: A Trusted NoSQL Solution for Secure Data Management
RavenDB , the veteran transactional NoSQL database, is used by hundreds of startups and many Fortune 500 companies around the world thanks to its reputation as an agile , safe , efficient , and stable database. RavenDB can integrate with and complement almost any existing data system with its impressive set of built-in features . . Read on to learn what competitive advantages RavenDB offers and how it has become so trustworthy, effective, and easy to use. We recommend RavenDB for its: Agility Zero to MVP consistently chooses RavenDB over SQL thanks to its adaptability, and over MongoDB thanks to its indexing prowess, which hyper-boosts performance by running operations and calculations in the indexes instead of repetitively in queries. Safety Why are there no known RavenDB breaches , while thousands of MongoDB and MySQL servers get hacked every year on average? Efficiency When e-book giant Rakuten Kobo switched from CouchBase to RavenDB , they saw 80% reduced costs in high-performance cloud usage, query performance improvement in orders of magnitude when under load, and better stability. Similarly, switching from MongoDB to RavenDB enabled IoT Bridge to go from 30 safe transactions/second to 120,000/second and automatically create indexes in response to new types of queries. Stability Beatman has been thriving with RavenDB for over 10 years to give its customers the fastest path to a successful application launch imaginable. In this article: How RavenDB has Earned LinuxSecurity’s Trust High Security is the Default in RavenDB Developer-friendly model of listening to its users Easy onboarding RavenDB 5.4: New Features & Capabilities Instant message streaming via ETL to Kafka Resilient and persistent queuing via ETL to RabbitMQ Data-driven insights, live visualization, and observation via integration with Grafana How RavenDB Has Earned LinuxSecurity’s Trust High Security is the Default in RavenDB. Youwon't likely find examples of hacked RavenDB servers, while thousands of SQL and MongoDB servers are breached every year. Data Security is crucial, so RavenDB makes it quick, easy, and fail-safe to certify, encrypt and back up databases. Basically, RavenDB is intuitive to secure and doesn't allow an unsecured database to run in production. By listening to its users, RavenDB has become a model of what it means to be a developer-friendly database. They offer readily available training and thorough documentation to allow for fast adoption of features. In each release, it utilizes communication from its customers to strengthen its legacy of offering efficient, versatile, stable, and highly secure distributed database services. For over a decade, RavenDB has been leveraging open-source development to pioneer data management innovation. As open source security advocates, we love RavenDB’s open-source approach to managing and securing data. It has enabled the renowned fully transactional, distributed NoSQL document database to surpass competitors in areas including usability, integration, and data security. RavenDB Founder, CEO, and Lead Developer Oren Eini feels that RavenDB’s use of the open-source development model has enhanced the database’s feature set and contributed to its immense popularity. He explains, “It is extremely beneficial to be able to engage in a proper discussion with a customer, and the fact that our entire codebase is open-source and available in our code repository has made it easy to get to the root cause of issues quickly .” RavenDB’s intense focus on usability is another critical factor that enhances the level of security the database offers developers. Eini explains, “Usability and security are closely tied. Our approach to security embodies operational simplicity and automation.” Intuitive Onboarding for New Users thanks to a Unique Philosophy on Support. RavenDB treats onboarding and support as an expense, instead of an actual revenue source. This isdone to force it to be more intuitive and effective. Its CEO and head department engineers are on the support team to provide fantastic tech support while keeping their fingers on the pulse of users’ needs. This positions them to add to or improve its already impressive set of features and onboarding materials. When a customer gets stuck and reaches out for help, it triggers feature enhancements and the improvement of onboarding services, such as documentation, training, code-walkthroughs, and developer advocacy. RavenDB has made it as easy as possible to learn how to set up a safe, efficient, agile, and stable system. See for yourself how easy it is to start a database and implement various features. Click the link for a summarized intro to RavenDB , including comparisons with other leading databases. RavenDB 5.4: New Features & Capabilities RavenDB offers the adaptability of document-based data modeling, with its unique cost and time-saving indexes, and game-changing integrations with other data systems such as OLAP, SQL, and more. The release of RavenDB 5.4 brings various new features and capabilities to the open-source NoSQL document database, most notably Kafka ETL for messaging, RabbitMQ for queueing & Grafana for data visualization and observability. RavenDB can now seamlessly integrate with existing ecosystems, pushing events into Kafka topics, and talking to the RabbitMQ message broker. In addition, those using Grafana can now pull and visualize data from their RavenDB database. Let’s explore these defining new features of RavenDB 5.4 in more depth. ETL to Kafka Kafka is one of the standard solutions for event streaming, used by thousands of companies around the world to build high-performance data pipelines. With RavenDB 5.4, instead of implementing application code pushing messages and events to Kafka, users can now offload this task to their database. Kafka ETL support allows RavenDB to take the role of message producer in a Kafka architecture. This ongoing taskwill extract data from the database, transform it with a custom script, and load the resulting JSON object to a Kafka destination. Not only will this shorten development time, but users will also be able to rely on this persistent mechanism that implements a retry process to resiliently push their messages to Kafka. ETL to RabbitMQ Further supporting the implementation of distributed systems, 5.4 has added Ongoing Tasks that can transform and enqueue documents from RavenDB into RabbitMQ’s queueing infrastructure. Instead of implementing code that would push messages to RabbitMQ, users can rely on a robust and reliable ETL mechanism that will extract documents from their database, transform them with a custom script, and hand them over to RabbitMQ. Not only will this shorten development time, but users will also be able to rely on this persistent mechanism that implements a retry process to resiliently enqueue their messages. With these ETL features, RavenDB opens up a whole new world of architectural patterns and dramatically reduces complexity. Grafana Data Source Plugin Grafana is one of the leading open-source solutions for data visualization and observability. Until this version, RavenDB was offering exposure of telemetry data to Grafana via the Telegraf plugin. With RavenDB 5.4, users can now use their RavenDB database as a Data Source for Grafana. With Grafana’s analytics and interactive visualization capabilities, users can understand their data quickly, observe trends and patterns, and make informed decisions. Final Thoughts Transparency, efficiency, and observability are high-priority characteristics that should be taken into consideration when evaluating a NoSQL database, and RavenDB has demonstrated excellence in all of these key areas. The release of Version 5.4 enhances usability and improves data visualization and observability for clients, making it a fantastic option for developers looking for a fast, secure, and user-friendly database for the development of businessapplications. RavenDB 5.4 can be downloaded download . About RavenDB RavenDB is a fully transactional distributed NoSQL document database that delivers a friction-free development and deployment experience, high availability, and world-class performance with zero effort. Supporting on-premise, cloud deployments, and edge deployments, its multi-master replication allows you to sync your data globally even in hybrid scenarios. For more information, visit https://ravendb.net/ . . Discover the benefits of RavenDB and why it s esteemed as a reliable NoSQL database for secure, efficient data management. NoSQL Database, RavenDB, Open Source Security, Data Management, Transactional Database. . Brittany Day
Aug 24, 2022
•
102
information securityopen sourcedatabaseRavenDB 5.0: Security-Focused NoSQL Database Meets Open Source Innovation
RavenDB is at the forefront of data management innovation - leveraging open-source development and an intense focus on usability to offer efficient, versatile and highly secure database services to business application developers worldwide. The latest release of the open-source NoSQL document database, RavenDB 5.0, accommodates both local and hosted environments, and adds time series support and document compression to its robust feature set. . As open source security enthusiasts, we are particularly interested in RavenDB’s open-source approach to managing and securing data - and how this approach has enabled RavenDB to surpass competitors in areas including usability, integration and data security. To gain an in-depth understanding of the company’s latest release, we spoke with RavenDB Founder, CEO and Lead Developer Oren Eini about the defining features of RavenDB and RavenDB Cloud, some notable use cases, security considerations - and more. Secure, User-Friendly Data Management for Both On-Premise and Hosted Environments Through RavenDB 5.0 and RavenDB Cloud , the RavenDB 5.0 release brings efficient, integrated and highly secure data management supported by a robust feature set to both on-premise and database-as-a-service clients. All of the purpose-driven components that comprise RavenDB 5.0 were built from the ground up - resulting in a database that is fast, fully integrated and widely available. RavenDB also offers enhanced data security through usability - a defining characteristic that sets the database apart from its competitors. The company uniquely views support as a cost center as opposed to a revenue center. Insight gained through RavenDB support calls is used to modify the database to make such calls unnecessary in the future. Eini explains, “Viewing support as a revenue center disincentivizes vendors to create user-friendly products, which has drastic negative implications for data security. Usability and security are closely tied. Database breaches continuallydemonstrate that having complex security is equivalent to having no security at all.” Eini elaborates, “Our approach to security embodies operational simplicity and automation.” The Power of Community Another defining characteristic of RavenDB is the company’s transparent, open-source approach to development. Eini feels that RavenDB’s use of the open-source development model has both contributed to the popularity of the database and greatly enhanced its feature set. He explains, “Feedback provided by members of the open-source community has been pivotal in improving RavenDB. It is extremely beneficial to be able to engage in a proper discussion with a customer, and the fact that our entire codebase is open-source and available in our code repository has made it easy to get to the root cause of issues quickly.” Eini adds, “Being a part of the open-source community has also enhanced the features we offer. RavenDB’s automatic indexing support and transparent data encryption, for instance, were created by the open-source community and are now among the database’s central features.” The release of RavenDB 5.0 adds two key new features to a rapidly-expanding list: time series support, which enables users to track time serie s data, and document compression, a feature that analyzes documents to identify commonalities between them and efficiently compresses data between documents. The document compression feature cut cloud storage costs in version 5.0 by an impressive 50%. RavenDB vs. RavenDB Cloud: How Do The Two Compare? RavenDB 5.0 and RavenDB Cloud make the RavenDB 5.0 release ideal for developers looking to deploy an on-premise database, as well as those seeking a hosted platform. Eini explains the benefits of both scenarios, “For some users such as healthcare and financial institutions, having full control over the entire stack is important. Others need a database that can be deployed on the edge, where connectivity isn’t assured. For these users, the ability todeploy on location, without any external requirement, is very important.” He elaborates, “Running on cloud enables developers to push all the operations overhead to someone else, making it much easier to provision and make changes on the fly.” That being said, the on-premise and cloud versions of RavenDB are essentially identical, both running the same binaries and offering the same capabilities. In terms of security, both take similar measures to protect sensitive data, including X509 certificate authentication and encryption of all data over the wire, the ability to limit connections to specific IP addresses or ranges at the network level and full auditing support for all operations. RavenDB Cloud integrates a selection of additional awareness behaviors and automated security measures. Environmental information is incorporated into RavenDB instances to allow them to better calibrate themselves to environmental factors. For example, when using burstable instances, RavenDB Cloud reports the status of CPU credits to reduce background tasks when running low. In RavenDB Cloud, backups are encrypted by default, whereas the on-premise version of RavenDB requires users to select an encryption key if the database is not already encrypted. Despite these differences, Eini feels that the level of security that users can expect from RavenDB Cloud and RavenDB 5.0 is roughly comparable. He reflects, “The main difference is the additional steps that on-premise users have to go through. With RavenDB Cloud’s fully-managed services, virtually everything is done for the user.” He adds, “With both versions, we pay a lot of attention to the security of the system in general.” Although RavenDB Cloud offers a high level of convenience through increased automation and fully-managed services, the majority of RavenDB customers run on-premise or edge systems. Over 70% of these systems run on Linux, with the rest running on Windows servers. It is very common for RavenDB to be deployed on the edge. “RavenDBcan operate in a disconnected manner, but the data will be synced to a central location - usually on the cloud,” Eini explains. “We have a customer who has deployed RavenDB inside industrial robots running Raspberry Pi and another running RavenDB in a Point of Sale system.” RDI Software, a landmark RavenDB customer, has deployed the database on edge to over 36,000 restaurant locations, where the platform processes upward of 500,000 USD per minute. The company has a unique requirement for a database: robustness above all else. “The typical employee for a fast food restaurant is a teenager on minimum wage - not exactly your ideal IT worker. As such, we have to deal with very old hardware, used in often hazardous environments and operated by people with very little experience”, Eini explains. He elaborates, “RavenDB has been used in this capacity for over half a decade, because it is able to handle this situation and doesn’t require constant supervision. In particular, RavenDB’s zero admin capabilities mean that the database is able to adjust, independently, to each individual environment and behavior.” The Bottom Line RavenDB’s transparent open-source approach to data management and intense focus on operational simplicity make the database ideal for security-conscious users looking for a fast, user-friendly platform for business application development. Through RavenDB 5.0 and RavenDB Cloud, the RavenDB 5.0 release brings security, usability and efficiency to local and hosted environments alike. Visit ravendb.net to learn more about the database, and to download RavenDB 5.0 or RavenDB Cloud . Connect with RavenDB on social media: Twitter | Facebook | LinkedIn . RavenDB 5.0 is an advanced NoSQL database that enhances security, usability, and fosters open-source development, making it ideal for modern programmers. RavenDB, NoSQL Database, Data Management, Open Source Security. . Brittany Day
Oct 19, 2020
•
102
securityopen-sourcedatabaseRavenDB: Innovative NoSQL Database for Data Management and Security
When it comes to using a NoSQL document database to store, manage and retrieve documents, reliability, privacy, efficiency and ease-of-use are essential in optimizing productivity and ensuring data security. However, the unfortunate reality is that many NoSQL document databases fail to embody these important characteristics, leaving users frustrated - and often at risk. . Ranked among the top 10 Document Databases Worldwide by DB-Engines, RavenDB is an impressive NoSQL database that is pioneering document management with a unique, innovative open-source approach - providing users with an all-in one platform that is fast, scalable, integrated, fully-automated and secure. To gain insight into how RavenDB has been able to surpass the majority of other NoSQL databases available in these regards, we spoke with RavenDB Founder, CEO and Lead Developer Oren Eini about the project’s history and evolution, the unique set of benefits that RavenDB offers users and how the use of open-source development has helped give RavenDB a winning edge over its competitors. From Inspiration to Reality: The History and Evolution of RavenDB After years of working as a database performance consultant, software developer, programmer and entrepreneur, Oren Eini recognized the same mistakes being made in many of the projects he analyzed - plaguing all applications using these relational databases and resulting in unstructured data. The issues he noticed were most often not with the way the database was set up, but instead could be attributed to the complexity of the model and the impedance mismatch between the way the data was stored in a relational database and the way the application modeled the data. Beyond the relational world, there existed a host of databases under the NoSQL umbrella that had varying data models and use cases. Within this realm, Eini recognized the value of document databases for business applications, but was appalled at the state of these databases at the time. In particular, the lack oftransactions and the kind of interface users were presented with were decidedly not user friendly - putting the burden of transactions on the user while providing minimal insight into the data in the database. Convinced that there had to be a better way to process the critical information powering modern applications, Eini began envisioning a solution to this problem. He recalls: “I started thinking about the kind of database that I wanted to create. Thinking about it wasn’t enough at some point. I remember being woken at the middle of night and looking at the ceiling, seeing how the different components of the database would be put together.” In 2009 Eini began his work designing a NoSQL document database ahead of its time. His goal was to create the first transactional document database, prioritizing seamless integration and ease-of-use for both developers and operating teams. The first version of RavenDB was built using C#, and focused on providing a user-friendly database for business applications - which RavenDB continues to excel at today. Once coding began, the project made quick progress, and secured its first client - a Norwegian institution for wildlife preservation - in 2010. By 2015, one million developers worldwide had downloaded RavenDB and by 2018, with the releases of RavenDB 4.0 and 4.1, the database had a remarkable three million downloads. The following year, RavenDB Cloud was launched, offering a Database as a Service to AWS, Azure and Google Cloud users. The current release, RavenDB 5.0.2 (which can be downloaded download ), is the most comprehensive update to date, offering a robust set of features that made it easy for developers to integrate the document database into their applications. All of the components that comprise RavenDB 5.0.2 were built entirely from scratch to work harmoniously, resulting in a database that is simple to operate, fast, integrated and widely available. The release of version 5.0.2 introduced two key features: time series support and documentcompression. Time series support enables users to track time series data such as stock price, heart rate or location and document compression analyzes documents to identify commonalities between them, creating a dictionary that is used to compress data efficiently between documents. The new document compression feature has cut cloud storage costs in version 5.0.2 by an impressive 50%. RavenDB looks forward to the release of version 5.1 in Q4 of 2020, which will introduce the filtered replication feature. RavenDB is a distributed database with support for multiple concurrent writers in the cluster. A common deployment pattern is to deploy RavenDB instances on the edge, a s well as a RavenDB cluster in a central location. This pattern allows users to share data among many locations, providing the benefit of a local database with the ability to work in disconnected mode. At the same time, when there is connectivity between the edge and the central cluster, RavenDB will automatically sync the data between them. The filtered replication mode in version 5.1 extends this support even further, allowing users to define fine-grained security rules for data flows between the edge instances and the central cluster by controlling which edge machine will see what kind of data. Achieving Excellence through the Use of Open-Source Development RavenDB is an open-source database released under an OSI approved license (the AGPL for the server and MIT for the clients), a factor that Eini feels has both contributed to the adoption of the database and greatly enhanced its feature set. RavenDB’s automatic indexing support, for instance, was created by the open-source community and now stands out as one of the database’s central features. RavenDB is the epitome of an open-source success story - a testament to the power of community involvement and the benefits associated with source code transparency. Eini explains how the project’s open-source approach has impacted RavenDB’s success: “Being open-sourcehas allowed us to create a community around the project - one that has enriched the project significantly. Code contributions are only a part of this.” He elaborates: “Feedback provided by the community has been crucial in improving RavenDB. It really helps when you can have a proper discussion with a customer, and the fact that our entire codebase is open-source and available in our code repository has made it easy to get to the root cause of issues quickly.” Enhanced Security through Usability Along with the project’s unique and beneficial open-source philosophy, RavenDB’s impressive usability sets the database apart - especially when it comes to security. Unlike many vendors, the company considers support to be a cost center, not a revenue center. In other words, insight gained through support calls is used to modify the product to make such calls unnecessary in the future. Viewing support as a revenue center disincentivizes vendors to create user-friendly products - in this sense, it literally doesn’t pay to make software easy to use. This philosophy has drastic negative implications on security - which is closely tied with usability. Database breaches continually demonstrate that having complex security is equivalent to having no security at all. Eini compares this to a lock: “The best lock on the world isn’t going to be used if it takes too long to open and close. History has a wealth of examples of security measures that were awkward to use, and thus, ignored.” In contrast, RavenDB’s approach to security embodies simplicity and automation. The database has a binary security property - it is either running in a secured mode, or it is not. There aren’t a ton of configuration options or compatibility matrices to go through. Eini explains: “We put a lot of emphasis on the usability of the secured setup and users can go through the entire process with no knowledge of security and still end up with a secured system. In addition, RavenDB will flat out resist if you try toput it in a potentially insecure position. We intentionally made it so it would be very easy to fall into the pit of success.” Arguably the most important aspect of RavenDB’s security is the fact that it is largely automated. By selecting the defaults during the initial setup, the following will occur: RavenDB will assign a subdomain under “*.ravendb.community” to the user’s instance. RavenDB will use this to answer the Let’s Encrypt DNS challenge and generate an HTTPS certificate which will serve as the server certificate. RavenDB will update the DNS to point to the IP provided. RavenDB will generate a client certificate which can be used to authenticate to the server. None of the above require users to do anything more complex than select the name that they want their instance to have and the IP it should resolve to. The end result is that users can go to a URL such as: a.my-db.ravendb.community and authenticate immediately. There is no complex security checklist to go through, and no multi-step commands that must be entered in order to achieve the right setup. RavenDB handles all of this to mitigate the risk of security issues and exploits due to users’ failure to ‘lock the barn doors’. Key Takeaways Transparency, usability and automation are essential to the security and success of a database. RavenDB excels in all of these areas. The NoSQL document database is pioneering data management through the use of open-source development and an intense focus on usability and automation. RavenDB is an excellent option for developers looking for a fast, secure and easy-to-use database for the development of business applications. Visit ravendb.net to learn more about the database. RavenDB version 5.0.2 can be downloaded ravendb . Connect with RavenDB on social media: Twitter | Facebook | LinkedIn . Celebrated as one of the leading Graph Databases on the globe by DB-Engines, ArangoDB is a remarkable NoSQL solution.. NoSQL Document Database, RavenDBFeatures, Open-Source Security, Data Management Solutions. . Brittany Day
Oct 05, 2020
•
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More