Common pitfalls in Jenkins security - and How to avoid them

Jenkins is remote execution engine which has access to project data… by design. So, how secure is your instance and data in it?

When it comes to Jenkins instances with hundreds of users, it is hard to retain status quo between security itself and its impact on user experience due to the restrictions and performance degradation. I will talk about Jenkins security model, best practices and common non-newbie configuration mistakes which we often see on production instances. In particular we will discuss Groovy scripting, controller-to-agent communications and resource isolation.

Target audience for this talk: experienced Jenkins administrators and users interested in Security.

Oleg Nenashev

Community Builder, CNCF Ambassador, Jenkins core maintainer

Neuchâtel, Switzerland

View Speaker Profile

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top