Summary
The document titled 'Neo4j Security Benchmark' serves as a guide for establishing a secure configuration posture for Neo4j Enterprise Edition versions 2025.01 and higher. It outlines prescriptive guidance tested against Neo4j 2025.01 on Amazon Linux 2023 AMI and Microsoft Windows Server 2022, while also applicable to other Linux distributions. The intended audience includes system and application administrators, security specialists, auditors, help desk personnel, and platform deployment staff involved in developing, deploying, assessing, or securing Neo4j solutions. The document details various security configurations, including installation and patching guidance, authentication methods, encryption protocols, and activity logging practices. It emphasizes the importance of using the most recent software version and applicable patches to minimize vulnerabilities. Additionally, it includes information on changes in Neo4j 2025, such as default port modifications and Java version requirements.
