Summary
The Neo4j Security Benchmark is a guide that provides prescriptive guidance for establishing a secure configuration posture for Neo4j Enterprise Edition versions 5 and higher. It covers various aspects of security configuration, including installation and patching, authentication, encryption, activity logging, and operating system hardening. The document is intended for system and application administrators, security specialists, auditors, and platform deployment personnel who are involved in developing, deploying, assessing, or securing solutions that incorporate Neo4j Enterprise Edition. The guide was tested against Neo4j 5 running on Ubuntu Linux 20.04 and Microsoft Windows Server 2019, and it applies to other Linux distributions as well. It emphasizes the importance of using the most recent Neo4j software version and patches to limit vulnerabilities and provides detailed instructions on configuring various security features such as TLS, user authentication, and data encryption. Additionally, it includes information on changes in Neo4j 5 related to security enhancements.
