security

First results from using GitHub CodeQL to discover security vulnerabilities in Jenkins plugins

A little over a month ago, GitHub announced the general availability of its code scanning solution. It’s based on CodeQL,…

New – Using Amazon GuardDuty to Protect Your S3 Buckets

As we anticipated in this post, the anomaly and threat detection for Amazon Simple Storage Service (S3) activities that was previously available in…

Severity of cross-site scripting vulnerabilities

Eagle-eyed readers of today’s security advisory may already have noticed that we consider the cross-site scripting (XSS) vulnerabilities to be…

Amazon Detective – Rapid Security Investigation and Analysis

Almost five years ago, I blogged about a solution that automatically analyzes AWS CloudTrail data to generate alerts upon sensitive…

Introducing the Azure Key Vault Credentials Provider for Jenkins

Azure Key Vault is a product for securely managing keys, secrets and certificates. I’m happy to announce two new features…

Generic Webhook Trigger Plugin

Table of Contents The Problem Code Duplication And Security A Branch Is Not A Feature Documentation The Solution Code Duplication…

Introducing the AWS Secrets Manager Credentials Provider for Jenkins

API keys and secrets are difficult to handle safely, and probably something you avoid thinking about. In this post I’ll…

Do Plugins Store Credentials In A Secure Way? – DevOps World | Jenkins World 2019

This is a speaker blog post for a DevOps World | Jenkins World 2019 talk in Lisbon, Portugal and has…

Thinking About Jenkins Security – DevOps World | Jenkins World 2019

This is a speaker blog post for a DevOps World | Jenkins World 2019 talk in Lisbon, Portugal. Come join us…