AWS, DevOps

Jenkins Google Authentication

In Jenkins by default user authentication is not enabled but we can establish the user authentication from the Global Security section. We have to create users for team members and it maintains all user in its own database. But we can also configure Jenkins with Google oAuth. So, if you are leveraging Google services and already have...

by Rajdeep Singh
Tag: insecure Jenkins

Application Security, AWS

Why compromised Jenkins can lead to a disaster?

I was recently searching for something on Google and came across this instance of what might be a logical vulnerability prevailing across multiple web applications. I was searching for publicly accessible Jenkins console through Google Dorking. My search query listed some of the websites that had Jenkins as a part of their domain...

by Ankit Giri
Tag: insecure Jenkins