Securing Jenkins: Active Directory and LDAP Services in a Jenkins Environment

Securing Jenkins: Active Directory and LDAP Services in a Jenkins Environment

|
The Jenkins automation server is widely considered the de-facto standard in open source continuous integration tools. It offers a wealth of integration possibilities for user authentication and authorization, such as Unix user database, OpenID, Github ... Read More
How I Hacked Play-with-Docker and Remotely Ran Code on the Host

How I Hacked Play-with-Docker and Remotely Ran Code on the Host

|
Introduction Play-with-Docker (PWD), Docker’s playground website, allows beginners to run Docker commands in a matter of seconds. Built on a number of hosts with each running multiple student’s containers, it’s a great place to learn ... Read More
Tripping the Jenkins Main Security Circuit-Breaker: An Inside Look at Two Jenkins Security Vulnerabilities

Tripping the Jenkins Main Security Circuit-Breaker: An Inside Look at Two Jenkins Security Vulnerabilities

|
CyberArk Labs has discovered several vulnerabilities in the leading open source automation server Jenkins. This blog examines two of the more significant issues. Following responsible disclosure, the vulnerabilities were reported to CloudBees, which supports Jenkins ... Read More