Friday, November 16, 2018
  • DerbyCon 2018, Mike Saunders’ ‘Web App 101: Getting The Lay Of The Land’
  • Amazon AWS GuardDuty
  • U.S. Mid-term Elections and Akamai Enterprise Threat Protector
  • Blackberry Acquires Cylance to Apply AI to IoT Cybersecurity
  • Veracode at Black Hat Europe 2018

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
DevOps Security Bloggers Network 

Home » Cybersecurity » DevOps » Study: DevOps Servers In The Wild Highlight Infrastructure Security Needs

Study: DevOps Servers In The Wild Highlight Infrastructure Security Needs

by Ben Layer on May 2, 2018

A mature DevOps practice involves applying multiple tools at different steps of the delivery pipeline, and a new study from IntSights focuses on these tools that may be open to attack on the Internet.

Each new tool added to your process can expand your attack surface area – and, in many cases, new development and delivery tools are being used without oversight from a security team. With complex tools being used in each DevOps step, potential attack vectors and the risk of compromise rapidly increase.

Under the assumption that the majority of DevOps tools are web-based, IntSights studied DevOps servers and software found accessible via the internet.

The research centered around a list of nearly 26,000 URLs and subdomains compiled by combining known DevOps tool names with the domains of different organizations, such as by searching for Jenkins automation servers under the hostname “jenkins.example.com.”

Every server that answered with a live and valid response was considered an open server and was then subjected to further investigation to determine what sort of security was present. No “fancy attack tools” were used. Only OSINT (Open Source Intelligence) tools and websites.

Are DevOps Tools Expanding Your Attack Surface?

The results show that 23.6 percent – or 5,967 out of 25,876 – of the URLs tested were accessible via the web, with a variety of access levels. In some cases, some software was totally exposed with no username and password combination.

In one example, a Jenkins server was available with multiple builds to investigate. Automated build tools often have hardcoded credentials or accidentally expose data via commands or output in log files, providing information for further attacks.

In another example, an open Elasticsearch server, which requires no authentication by default, was found. Elasticsearch is a distributed search and analytics engine (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Ben Layer. Read the original post at: https://www.tripwire.com/state-of-security/devops/report-devops-servers-in-the-wild-highlight-infrastructure-security-needs/

May 2, 2018May 2, 2018 Ben Layer DEVOPS, Featured Articles, security
  • ← Dispelling the Myth: How to Optimize Your Company for Both Cyber Security and Productivity
  • The Importance of Innovation in Network Monitoring →
Featured Blog

Secure Code Warrior

Why financial institutions are leading the charge to upskill their developers in secure coding

Secure Code Warrior

Why SQL Injections Are The Cockroaches of the AppSec World (and how CISOs can eradicate them once and for all)

Secure Code Warrior

A Brighter Future For DevSecOps? It’s Closer Than You Think

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Hackers Exploit Recently Patched ColdFusion Vulnerability
The Changing Face of Web Application Security
Microsoft and Adobe Patch Zero-Day Vulnerabilities
The Top 5 Industries Grappling with Bad Bots
Convergence of Security, Networking Services Accelerates
Your Definitive Guide to Information Security Conferences in 2019
Top Cybersecurity Threats & How the WAF Must Evolve to Address Them
Security Vulnerabilities identified in Washington, Georgia, and North Carolina’s voting systems
Dharma Ransomware: What It’s Teaching Us
SAP Security Notes November ‘18: The Mobile Client Side Menace

Upcoming Webinars

Tue 27

2018 Black Hat Hacker Survey Report: What Hackers Really Think About Your Cyber Defenses

November 27 @ 11:00 am - 12:00 pm
Thu 29

Cloud Security: What You Need to Know

November 29 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

The Four Current Threats Enterprises Can’t Ignore

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

6 Best Practices to Make the Most of Your Sandbox Proof of Concept
Analytics & Intelligence Cybersecurity Industry Spotlight Security Boulevard (Original) Threat Intelligence 

6 Best Practices to Make the Most of Your Sandbox Proof of Concept

November 16, 2018 Ralf Hund | 15 hours ago 0
Move Over, Ransomware: Cryptojacking is the New Kid in Town
Cybersecurity Endpoint Industry Spotlight Security Boulevard (Original) 

Move Over, Ransomware: Cryptojacking is the New Kid in Town

November 15, 2018 Nick Bilogorskiy | Yesterday 0
The Top 5 Industries Grappling with Bad Bots
Cybersecurity Industry Spotlight Malware Security Boulevard (Original) 

The Top 5 Industries Grappling with Bad Bots

November 13, 2018 Reid Tatoris | 3 days ago 0

Top Stories

Blackberry Acquires Cylance to Apply AI to IoT Cybersecurity
Analytics & Intelligence Cybersecurity Featured IoT & ICS Security News Security Boulevard (Original) Spotlight 

Blackberry Acquires Cylance to Apply AI to IoT Cybersecurity

November 16, 2018 Michael Vizard | 5 hours ago 0
Galaxy S9, iPhone X, Xiaomi Mi6 Devices Hacked at Pwn2Own Contest
DevOps Featured Mobile Security News Security Boulevard (Original) Spotlight Vulnerabilities 

Galaxy S9, iPhone X, Xiaomi Mi6 Devices Hacked at Pwn2Own Contest

November 16, 2018 Lucian Constantin | 7 hours ago 0
Alert Logic Adds Managed Threat Intelligence Service
Cybersecurity Featured Network Security News Security Boulevard (Original) Spotlight 

Alert Logic Adds Managed Threat Intelligence Service

November 16, 2018 Michael Vizard | 8 hours ago 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2018 Mediaops Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.