Artifactory
Service Name: JFrog Artifactory
Service Description: JFrog Artifactory is a universal repository manager that supports all major packaging formats, build tools, and CI/CD servers. It serves as a single source of truth for all packages, container images, and Helm charts.
Service Address: https://jfrog.com/artifactory/
- Validation Type: -
- IP Allow list: Does not exist
- Secret Access Scope: Grants access to Artifactory repositories and artifacts.
- Secret Revokement URL: Does not exist
- Secret Example:
AKCp8hyBxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
- Suspicious Activity Investigation Instructions:
- Check Artifactory audit logs for unauthorized access or downloads
- Review recent artifact uploads for malicious content
- Examine user activity patterns for unusual behavior
- Check for unexpected repository creation or configuration changes
- Mitigation Instructions:
- Revoke the compromised token immediately through the JFrog Artifactory
UI
- Navigate to Administration > Security > Access Tokens
- Locate the compromised token and click "Revoke"
- Create a new token with appropriate permissions
-
Update any legitimate applications using the old token
-
Review and adjust token permissions to follow the principle of least privilege