Take a few minutes to give your Octopus a security health check. We've recently shipped Octopus Cloud alpha which means we took time to look at how to keep a healthy and secure Octopus. You can too!
How recent SHA1 collision attack discoveries impact Octopus, and PowerShell scripts to detect if you use SHA1 certificates
Introducing Octopus Deploy 3.5, with new features including Subscriptions, Azure AD, GoogleApps and Extensibility
Octopus Deploy uses TLS 1.0 and isn't vulnerable to the SSL 3.0 "POODLE" vulnerability
Octopus uses SSL libraries in Windows, and so isn't vulnerable to the Hearbleed bug
From Octopus 2.2 onwards we're going to be storing API keys using a one-way hash function