To make Octopus Deploy useful to your organization it needs a high level of access to your servers and infrastructure. We take great care to understand common vulnerabilities and exploits which could affect your Octopus Deploy installation, and ensure our software prevents anyone from leveraging these.
This section describes how Octopus Deploy prevents attackers from leveraging common vulnerabilities and exploits.
- Cross-Site Request Forgery (CSRF) and Octopus Deploy
- SHA1 "Shattered" collision and Octopus Deploy
- Spectre (Speculative Execution Side-Channel Vulnerabilities), Meltdown, and Octopus Deploy
- Cross-Site Scripting (XSS) and Octopus Deploy
Need support? We're here to help.