Loading…
DevOps World | Jenkins World 2019 Lisbon has ended
Simple
Expanded
Grid
By Venue
DevSecOps and Security [clear filter]
Thursday, December 5
 

11:30 PST

Make It Scale: Intelligent Jenkins Pipelines
Do you have several independent development projects? Do you need to scale Jenkins Pipelines across projects as efficiently as possible while keeping teams autonomous? We will share with you: 
* How we address this within the SAP ecosystem for a few hundred development projects in order to comply with our high quality and security standards.
* How you can adopt it for your own scenarios also outside the SAP scope.

Our solution is available as an open source project and based on:
* Jenkins Pipelines as Code. 
* Jenkins Shared Groovy Libraries. 
* Kubernetes and Docker. 

We combined it with:
* Smart pipeline logic. 
* Layered yaml-based configuration. 
* Advanced quality process for the library itself. 

Get insights into the open source Jenkins library offering you a highly configurable and flexible way to scale CI/CD best practices throughout your teams while keeping them in the driver seat. Besides looking at the status quo, we will also share ideas how this might evolve in the light of the Continuous Delivery Foundation established early 2019.
Speakers
avatar for Oliver Nocon

Oliver Nocon

Chief expert and CD/DevOps coach, SAP SE
Oliver is chief expert and CD/DevOps coach at SAP SE located in Walldorf/Germany. He has been working in SAP’s development organization since 2001 and has a proven track record in technology topics as well as in project, program, and delivery management - especially in the cloud-space... Read More →
avatar for Sven Merk

Sven Merk

Security Architect, SAP SE
Sven joined SAP‘s development organization in 2010 experienced in Java and web development projects. Since 2017, he's been focused on product security and joined SAP’s Industry and Cross Development security team. While leading the Security and Data Privacy workstream for SAP’s... Read More →

2019 DWJW Lisbon Merk Nocon Sven Merk pdf
Thursday December 5, 2019 11:30 - 12:15 PST
Auditorium IV
  DevSecOps and Security, CI/CD, Enterprise DevOps leadership, Cloud Native Evolution

11:30 PST

Thinking About Jenkins Security
This session is a condensed form of a two-hour training course that Wadeck and Mark presented remotely, along with demonstrations of areas of particular importance when securing Jenkins. This talk covers: Jenkins security concepts, Authorization, Authentication, Secure builds, Agent security, Configuration and administration security and Security best practices.

Speakers
avatar for Wadeck Follonier

Wadeck Follonier

Sr Security Software Engineer, CloudBees, Inc.
Wadeck Follonier is a Security Software Engineer at CloudBees SA and active member of the Jenkins Security Team. He finished his Master's degree in Computer Science with a specialization in Internet Computing in 2011. Prior to joining CloudBees, he started his career in various positions... Read More →
avatar for Mark Waite

Mark Waite

Technical Evangelist, CloudBees
Developer, tester, reformed manager, Jenkins user and Jenkins contributor, Mark started using Hudson/Jenkins in 2008 and became an active contributor in 2014. He maintains the Git plugin and the Git client plugin. Mark works at CloudBees creating and presenting training. Mark is a... Read More →

Thinking about JEnkins Security pdf
Thursday December 5, 2019 11:30 - 12:15 PST
Sala 3A
  DevSecOps and Security, Jenkins Admin

14:45 PST

10 Attributes of the DevSecOps Elite
We've spent six years studying secure coding practices of DevOps and continuous delivery organizations by surveying over 15,000 IT professionals.  We've analyzed their staffing practices, educational priorities, automation choices and process improvements that improve their cybersecurity preparedness. Our study has also uncovered details of where automation fails, awareness falls short and breaches happen.



Come participate in this session where we will share the 10 habits practiced by the DevSecOps Elite that you can then apply to -- or further mature within -- your own organization. We will also uncover what our analysis revealed about securing CI/CD pipelines, including what popular Jenkins plug-ins are used for security.
Speakers
avatar for DJ Schleen

DJ Schleen

DevSecOps advocate, Sonatype
DJ is a seasoned DevSecOps advocate at Sonatype and provides thought leadership to organizations looking to integrate security into their DevOps practices. He comes from a practitioner background and specializes in architecting DevSecOps pipelines, automating security in DevOps environments... Read More →
avatar for Hasan Yasar

Hasan Yasar

Technical Director, Software Engineering Institute |CMU
Hasan Yasar is the Technical Director of the Continuous Deployment of Capability group at the Software Engineering Institute, CMU. Hasan leads an engineering group to enable, accelerate and assure Transformation at the speed of relevance by leveraging, DevSecOps, Agile, Lean AI/ML... Read More →

JWDW DevSecOps Top 10 Lisbon pdf
Thursday December 5, 2019 14:45 - 15:30 PST
Auditorium VI
  DevSecOps and Security
 
Filter sessions
Apply filters to sessions.
Tuesday, December 3
Wednesday, December 4
Thursday, December 5
Auditorium I
Auditorium II
Auditorium III
Auditorium IV
Auditorium VI
Auditorium VII
CloudBees Booth in Expo Hall
Community Booth in Expo Hall
Expo Hall
Marriott Casablanca
Partner Theater
Sala 1.13
Sala 1.16
Sala 3A
Sala 3B
Sala 3C
  • All things Jenkins
  • Break
  • CI/CD
  • Cloud Native
  • Cloud Native Evolution
  • Data/Reporting
  • DevOps
  • DevOps leadership
  • DevOps Practitioner
  • DevSecOps
  • DevSecOps and Security
  • Enterprise DevOps leadership
  • Jenkins Admin
  • Jenkins X
  • Keynote
  • Registration
  • Release Mgmt
  • Social
  • Sponsor Session
  • Training Class
  • Workshop