One of the first paper on NoSQL security. Its a great presentation by Bryan Sullivan at the RSA conference, it introduces the main security issue of the NoSQL solutions such as:
- NoSQL injection, just like SQL injection but manipulating the JSON string instead of the SQL query
- Authentication is unsupported or discouraged within NoSQL solution which is a big issue when combined with REST API
- SSJS Injection aka Server-side JavaScript injection
Loading ...
