Skip to content

Neo4j Credentials

Service Name: Neo4j

Service Description: Neo4j is a graph database management system developed by Neo4j, Inc. It is a native graph database that stores data in nodes and relationships rather than tables, making it efficient for highly connected data and complex queries.

Service Address: https://neo4j.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the database level through Neo4j's security settings and firewall configurations.

Secret Access Scope: Grants access to Neo4j databases, allowing for data manipulation, schema changes, and administrative operations depending on the user's permissions.

Secret Revokement URL: https://neo4j.com/docs/operations-manual/current/authentication-authorization/password-and-user-management/

Secret Example: neo4j://username:p@ssw0rd@localhost:7687

Suspicious Activity Investigation Instructions:

  • Review Neo4j logs for unusual query patterns or high-volume data access
  • Check for unauthorized schema changes or database modifications
  • Monitor for unusual connection attempts from unexpected IP addresses
  • Examine user activity logs for operations outside normal business hours
  • Look for bulk data exports or unusual query performance patterns

Mitigation Instructions:

  • Immediately change the compromised password in the Neo4j Admin interface
  • Revoke and rotate any affected credentials
  • Review and update user permissions to enforce the Principle of Least Privilege.
  • Enable Neo4j's built-in security features including role-based access control.
  • Implement connection encryption (SSL/TLS) if not already enabled.
  • Configure IP allowlisting to restrict database access to known networks.
  • Enable audit logging to track future database activities.
  • Consider implementing multi-factor authentication if available in your Neo4j deployment.