Hi, Security question here.
Is there any reason why Jenkins would ever need to request the content of c:\windows\system32\lsass.exe (Local Security Authority Subsystem Service)? The endpoint protection on the Jenkins device is denying Jenkins access to lsass.exe, and the devs are unable to tell me why their favorite automation tool needs to do an activity that is highly suspicious in terms of security. Adversaries may attempt to access credential material stored in the process memory of the Local Security Authority Subsystem Service. I was hoping that the community could help me here. I have no direct access to the Jenkins device, I only see suspicious events being reported by the endpoint security software. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/9c7d6725-e509-4cba-a456-a822fcd221d2n%40googlegroups.com.
