Search

Blog posts

Outage on octopus.com - report and learnings

Public incident report and our learnings about the octopus.com DNS disruption from January 25 – 26, 2023.

Documentation

GoogleApps authentication

Octopus Deploy can use GoogleApps authentication to identify users.

Guest login

Octopus Deploy supports a guest login if enabled.

Octopus ID authentication

Octopus Deploy can use Octopus accounts to identify users.

Okta authentication

Octopus Deploy can use Okta authentication to identify users.

Troubleshooting authentication problems

A guide for troubleshooting authentication problems in Octopus Deploy.

Built-in Worker

The built-in worker is enabled by default in your Octopus Server. This is very convenient when getting started with Octopus, but comes with several security implications.

Common security vulnerabilities and exploits

This section describes how Octopus Deploy prevents attackers from leveraging common vulnerabilities and exploits.

Cross-Site Request Forgery (CSRF) and Octopus Deploy

Octopus Server actively prevents Cross-Site Request Forgery (CSRF) using anti-forgery tokens.

SHA1 "Shattered" collision and Octopus Deploy

How the SHA1 "Shattered" Collision impacts Octopus Deploy

Spectre (Speculative Execution Side-Channel Vulnerabilities), Meltdown, and Octopus Deploy

How the Spectre (speculative execution side-channel vulnerabilities) and Meltdown vulnerabilities impact Octopus Deploy

Cross-Site Scripting (XSS) and Octopus Deploy

Octopus Server actively prevents Cross-Site Scripting (XSS) using a number of preventative measures.

Data encryption

This section describes how Octopus Deploy encrypts sensitive data at rest.

Exposing Octopus

You can keep your Octopus installation inside your corporate network, or you may want to expose it to the Internet. This section describes how to safely expose your Octopus installation and the security implications you should consider.

Expose the Octopus Web Portal over HTTPS

How to expose the Octopus Web Portal securely over HTTPS.

Let's Encrypt integration

Octopus can integrate with Let's Encrypt to set up and automatically renew the Octopus Portal SSL certificate.

Use IIS as a reverse proxy for Octopus Deploy

How to set up IIS 7 (or later) as a Reverse Proxy for Octopus Deploy

FIPS and Octopus Deploy

Details of using Octopus Deploy in a FIPS compliant environment.

Hardening Octopus

If you are hosting Octopus Deploy yourself, this guide will help you harden your network, host operating system, and Octopus Server itself. This includes things such as configuring malware protection (anti-virus), and utilizing allow lists.

HTTP Security Headers

Describes the security-related browser headers that Octopus supports

Octopus - Tentacle communication

Octopus Server and Tentacle communication details.

How to use custom certificates with Octopus Server and Tentacle

How to use custom certificates with Octopus Server and Tentacle.

Troubleshooting Schannel and TLS

Troubleshooting Octopus secure communication issues with Schannel and TLS.

Outbound requests

Traffic details of network requests made by Octopus and Tentacle, and what information is included when Octopus checks for updates.

PCI compliance and Octopus Deploy

Using Octopus Deploy in PCI compliant environments.

Script integrity in Octopus Deploy

Script integrity is an interesting topic, especially in security sensitive situations. This page describes how scripting works in Octopus Deploy, interaction with PowerShell Execution Policies, and how to make Octopus work in restrictive environments.

Users and teams

Octopus users can be organized into teams and given various permissions via role-based security. Teams can be further restricted to specific projects, environments and more.

Auditing

Octopus Deploy captures audit information whenever significant events happen in the system.

Teams with mixed environment privileges

This guide describes how to create a team for a user with mixed environment privileges.

Default permissions for built-in user roles

A listing of the default permissions for each of the built-in user roles.
