67 matches found
PT-2020-15543 · Jenkins · Jenkins Azure Key Vault Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Azure Key Vault Plugin versions 2.0 and earlier Description: A missing permission check in the Jenkins Azure Key Vault Plugin allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
Protect Your Cloud Workloads using IaC
Get step-by-step instructions on how to perform an automated security deployment utilizing Terraform by Hashicorp, an Azure Custom-Script Extension, and a Trend Micro Cloud One™ deployment script stored in an Azure Key Vault...
Qualys Cloud Platform 10.1.0 New Features
The upcoming release of the Qualys Cloud Platform VM, PC, version 10.1.0, includes several new features and enhancements in Qualys Cloud Platform and Qualys Policy Compliance. This release will also add support for new technologies in Qualys Policy Compliance for OCA. 10.1.0 is scheduled to go li...
Azure Automation Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Azure Automation “RunAs account” runbooks for users with contributor role. This vulnerability could potentially allow members of an organization to access Key Vault secrets through a runbook, even if these members would personally not have access ...
Qualys Cloud Platform (VM, PC) 8.19 New Features
This new release of the Qualys Cloud Platform VM, PC, version 8.19, contains several new features and improvements in Qualys Vulnerability Management and Policy Compliance, which include an improved display of deadlines for remediation policies in VM; additional support for MS Exchange Server...
Extraneous SSH Public Keys added to Authorized Keys file on Linux VM
None None...
Best practices for securely moving workloads to Microsoft Azure
Azure is Microsofts cloud computing environment. It offers customers three primary service delivery models including infrastructure as a service IaaS, platform as a service PaaS, and software as a service SaaS. Adopting cloud technologies requires a shared responsibility model for security, with...