DevSecOps Research & Vulnerabilities

DevSecOps Research & Vulnerabilities

We published 5 blog posts regarding our Jenkins DevOps Research:

Main 2 vulnerabilities discovered:
Tripping the Jenkins Main Security Circuit-Breaker: An Inside Look at Two Jenkins Security Vulnerabilities

Jenkins: Configuring and Securing Credentials
Configuring and Securing Credentials in Jenkins

Jenkins Plugins
Jenkins Plugins – Aladdin’s Lamp and the Sultan of Threats

Securing Jenkins: Active Directory and LDAP Services in a Jenkins Environment

Jenkins Java Web Start Agents
CyberArk Labs Research: Securing Jenkins Java Web Start Agents


Would you post these in the main #CyberArk-Labs category? I’m worried people won’t see them here, and these look interesting. Maybe make a new post with all of the links?

It seems like I can only include 2 links in a post

Good catch, Discourse came with some weird default rules. I’ll fix that now

So the rule was 2 links per post for the newuser user level. I changed it to 5. You get unlimited when you raise your user level

1 Like