conf 2018-11-09 14:00 – 14:50 FR

How to provide security fixes in a high constraint ecosystem? Practical examples with the Jenkins project

Name: Black Alps 2018
Start: 2018-11-08
End: 2018-11-09
Location: Y-PARC, Yverdon-les-Bains

Abstract

Lessons learned from a security team member of a widely used open source project (Jenkins). How to solve security issues when you need to face multiple constraints like living in public/private plugins ecosystem, assuring backward binary compatibility, providing escape-hatch or even better progressive migration. I will present our approach to tackle those obstacles with practical examples.

Download slides (PDF)

Speaker

Wadeck Follonier

Security Software Engineer

CloudBees SA

Wadeck Follonier is a Security Software Engineer at CloudBees SA and active member of the Jenkins Security Team. He finished his Master's degree in Computer Science with a specialization in Internet Computing at EPFL in 2011. Prior to joining CloudBees, he started his career in various positions such as Software Engineer, Project Manager or even Application Manager. He always has the desire to find solutions that are also considering maintenance in account. In his current role, he has the pleasure to work with lots of different applications through all the Jenkins plugins. Outside of security, if you have some interests in genetic algorithms or video game development, feel free to approach him.

Talk

How to provide security fixes in a high constraint ecosystem? Practical examples with the Jenkins project