DevSecOps Research & Vulnerabilities

John · September 6, 2019, 3:27pm

nimrods8 · October 24, 2019, 1:11pm

We published 5 blog posts regarding our Jenkins DevOps Research:

Main 2 vulnerabilities discovered:
Tripping the Jenkins Main Security Circuit-Breaker: An Inside Look at Two Jenkins Security Vulnerabilities

Jenkins: Configuring and Securing Credentials
Configuring and Securing Credentials in Jenkins

Jenkins Plugins
Jenkins Plugins – Aladdin’s Lamp and the Sultan of Threats

LDAP & AD
Securing Jenkins: Active Directory and LDAP Services in a Jenkins Environment

Jenkins Java Web Start Agents
CyberArk Labs Research: Securing Jenkins Java Web Start Agents

jake · October 24, 2019, 1:15pm

Would you post these in the main #CyberArk-Labs category? I’m worried people won’t see them here, and these look interesting. Maybe make a new post with all of the links?

nimrods8 · October 24, 2019, 1:17pm

It seems like I can only include 2 links in a post

jake · October 24, 2019, 1:27pm

Good catch, Discourse came with some weird default rules. I’ll fix that now

jake · October 24, 2019, 1:28pm

So the rule was 2 links per post for the newuser user level. I changed it to 5. You get unlimited when you raise your user level

Topic		Replies	Views
DevOps: Jenkins Research CyberArk Labs	0	540	October 24, 2019
Kubernetes Pentest Methodology Part 2 CyberArk Labs	0	707	December 18, 2019
Welcome to CyberArk Developer! :wave:	1	970	March 27, 2019
Lazy Privilege Escalation: Abusing Dell's DUP Framework, CVE-2019-3726 CyberArk Labs	0	530	October 24, 2019
About the CyberArk Labs category CyberArk Labs	0	678	September 5, 2019

DevSecOps Research & Vulnerabilities

Related topics