Right on. These folks like to talk about how they can pown everything under the sun. That kind of talk is cheap and easy. On the other hand, writing an article with tangible ways to protect your MongoDB database would take some effort and would not be interesting to them.
It is not cheap and easy to find new vulnerability classes. The people who say things like this are virtually always members of the set of professionals who have never discovered any new attack classes at all.
It may be harder to build something good than it is to break things, but it is almost invariably harder to break things than it is to build the average thing.
