Jenkins is remote execution engine which has access to project data… by design. So, how secure is your instance and data in it?

When it comes to Jenkins instances with hundreds of users, it is hard to retain status quo between security itself and its impact on user experience due to the restrictions and performance degradation. I will talk about Jenkins security model, best practices and common non-newbie configuration mistakes which we often see on production instances. In particular we will discuss Groovy scripting, controller-to-agent communications and resource isolation.

Target audience for this talk: experienced Jenkins administrators and users interested in Security.