Can anyone help me with process of implementing VAPT (Vulnerability assessment and penetration testing) report of my MongoDB atlas database.
Thankyou in advance.
@Ashutosh_Mishra1 are you looking to obtain penetration testing report of Atlas or looking to pen test your MongoDB cluster in Atlas yourself? The cluster implements secure defaults such as always on TLS / authn / authz, and is not accessible from the Internet by default.
Hi @Salman_Baset , how can we do pentest of our own cluster?
Hi @Ashutosh_Mishra1 , you can implement tests to ensure that your cluster configuration through Atlas is in line with your desired policies. For example, if your desired TLS level is 1.2, you can run simple nmap tests to check the desired TLS level on your cluster. The default TLS level on a cluster is 1.2