Chapter 7. Security

This chapter describes features pertaining to security in Neo4j.

To protect your data, first ensure your physical data security by following industry best practices with regard to server and network security. Ensure that your Neo4j deployment adheres to your company’s information security guidelines by setting up the appropriate authentication and authorization rules. We describe authentication and authorization in Neo4j in Section 7.1, “Authentication and authorization”.

Section 7.2, “Securing extensions” describes how to ensure that custom-written extensions to Neo4j do not unintentionally expose vulnerabilities.

Logs can be harvested for continuous analysis, or for specific investigations. Facilities are available for producing security event logs as well as query logs as described in Chapter 8, Monitoring.

Finally, a simple checklist for Neo4j security is provided in Section 7.3, “Security checklist”.