Wednesday, September 19 • 3:45pm - 4:30pm
Common Pitfalls in Jenkins Security and How to Avoid Them
Jenkins is a remote execution engine which has access to project data…by design. So, how secure is your instance and the data within it? When it comes to Jenkins instances with hundreds of users, it is hard to retain status quo between security itself and its impact on user experience due to restrictions and performance degradation. I will talk about the Jenkins security model, best practices and common non-newbie configuration mistakes which we often see in production instances. In particular, we will discuss Groovy scripting, master-to-agent communications and resource isolation.

Target audience for this talk: experienced Jenkins administrators.

avatar for Oleg Nenashev

Oleg Nenashev

Oleg is an R&D and automation engineer with hardware/embedded background. He started using Jenkins in 2008 and participated in many large-scale automation projects for software and hardware products. In the Jenkins project, Oleg maintains the core, remoting and many plugins. He also... Read More →

Wednesday September 19, 2018 3:45pm - 4:30pm
Golden Gate Ballroom B