Saturday, September 19, 2020
  • DEF CON 28 Safe Mode Red Team Village – Ray Doyle’s ‘Weaponized XSS Moving Beyond Alert’
  • XKCD ‘Voting’
  • DEF CON 28 Safe Mode Red Team Village – Mazin Ahmed’s ‘Hacking Zoom: A Hackers Journey Into Zoom Security’
  • Automate Reporting Across LDAP Apps, Networks, & Servers
  • NIST SP 800-53 Gets One Step Closer to Becoming a Standard

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
DevOps Security Bloggers Network 

Home » Cybersecurity » DevOps » Study: DevOps Servers In The Wild Highlight Infrastructure Security Needs

Study: DevOps Servers In The Wild Highlight Infrastructure Security Needs

by Ben Layer on May 2, 2018

A mature DevOps practice involves applying multiple tools at different steps of the delivery pipeline, and a new study from IntSights focuses on these tools that may be open to attack on the Internet.

Each new tool added to your process can expand your attack surface area – and, in many cases, new development and delivery tools are being used without oversight from a security team. With complex tools being used in each DevOps step, potential attack vectors and the risk of compromise rapidly increase.

Under the assumption that the majority of DevOps tools are web-based, IntSights studied DevOps servers and software found accessible via the internet.

The research centered around a list of nearly 26,000 URLs and subdomains compiled by combining known DevOps tool names with the domains of different organizations, such as by searching for Jenkins automation servers under the hostname “jenkins.example.com.”

Every server that answered with a live and valid response was considered an open server and was then subjected to further investigation to determine what sort of security was present. No “fancy attack tools” were used. Only OSINT (Open Source Intelligence) tools and websites.

Are DevOps Tools Expanding Your Attack Surface?

The results show that 23.6 percent – or 5,967 out of 25,876 – of the URLs tested were accessible via the web, with a variety of access levels. In some cases, some software was totally exposed with no username and password combination.

In one example, a Jenkins server was available with multiple builds to investigate. Automated build tools often have hardcoded credentials or accidentally expose data via commands or output in log files, providing information for further attacks.

In another example, an open Elasticsearch server, which requires no authentication by default, was found. Elasticsearch is a distributed search and analytics engine (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Ben Layer. Read the original post at: https://www.tripwire.com/state-of-security/devops/report-devops-servers-in-the-wild-highlight-infrastructure-security-needs/

May 2, 2018May 2, 2018 Ben Layer DEVOPS, Featured Articles, security
  • ← Dispelling the Myth: How to Optimize Your Company for Both Cyber Security and Productivity
  • The Importance of Innovation in Network Monitoring →

TechStrong TV – Live Streaming

TechStrong TV - All Episodes
Featured Blog

blubracket

Git it right—How hackers exploit Git misconfigurations & what to do about it

blubracket

Uncovering Secrets in Code—A Case Study

blubracket

BluBracket Adds Stolen and Leaked Code Detection, Remediation to its CodeSecurity Suite

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

BlindSide: Intel/AMD Speculation Bugs Under Microscope Again
DataSecOps: Protecting Data in the Cloud
Using SaaS Backup and Recovery to Protect Your Data With a Virtual Air Gap
IT’s Confidence in Mitigating Cyberthreats Low
Palo Alto Networks Moves to Secure SD-WANs
Can You Crack Monero? IRS Offers $625,000 Bounty for Anyone Who Can Break Privacy of Cryptocurrency
Seychelles Bank Doesn’t Know How It Got Infected with Ransomware Last Week
Joint Cybersecurity Advisory on Threat Hunting and Incident Response Released
Security Incident at VA Exposed 46K Veterans’ Information
Teen Hackers & Cybercrime: Teen Rebellion Ain’t What It Used to Be

Upcoming Webinars

Mon 21

Managing the AppSec Toolstack

September 21 @ 1:00 pm - 2:00 pm
Tue 22

Preventing Code Leaks & Other Critical Security Risks from Code

September 22 @ 3:00 pm - 4:00 pm
Thu 24

Automating App Security with AI: How to Secure a Million Lines of Code in Five Minutes

September 24 @ 3:00 pm - 4:00 pm
Tue 29

Step-by-Step Guide to Protecting Web Apps with Google reCAPTCHA

September 29 @ 3:00 pm - 4:00 pm

More Webinars

Download Free eBook

Identifying Web Attack Indicators

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Patching in the Time of Remote Work
Cybersecurity Endpoint Industry Spotlight Security Boulevard (Original) 

Patching in the Time of Remote Work

September 18, 2020 Jason Short | 1 day ago 0
Adopting Quantum-Safe Cryptography: Why Y2Q Will Be Too Late
Cybersecurity Data Security Industry Spotlight Security Awareness Security Boulevard (Original) Threats & Breaches 

Adopting Quantum-Safe Cryptography: Why Y2Q Will Be Too Late

September 17, 2020 Philip Lafrance | 2 days ago 0
The Value of Data From a Consumer Perspective
Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) 

The Value of Data From a Consumer Perspective

September 16, 2020 Mike Nelson | 3 days ago 0

Top Stories

U.S. Requires Servers to Ban TikTok, WeChat Traffic
Application Security Cybersecurity Featured News Security Boulevard (Original) Spotlight 

U.S. Requires Servers to Ban TikTok, WeChat Traffic

September 18, 2020 Mark Rasch | 1 day ago 0
DuckDuckGo: Crazy Name, Growing Crazy-Fast
Cloud Security Cybersecurity Endpoint Featured Mobile Security News Security Awareness Security Boulevard (Original) Spotlight 

DuckDuckGo: Crazy Name, Growing Crazy-Fast

September 18, 2020 Richi Jennings | 1 day ago 0
RangeForce Expands Security Training Cloud Service
Cybersecurity Featured Incident Response News Security Awareness Security Boulevard (Original) Spotlight 

RangeForce Expands Security Training Cloud Service

September 17, 2020 Michael Vizard | 2 days ago 0

Security Humor

XKCD 'Voting'

XKCD ‘Voting’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2020 MediaOps Inc. All rights reserved.

Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.