📄️ Jenkins Security Hardening – Overview
This section focuses on securing Jenkins controllers, agents, pipelines, and integrations.
📄️ Authentication & Authorization
This document explains how Jenkins identifies users (authentication) and controls what they can do (authorization).
📄️ Role-Based Access Control (RBAC)
RBAC is the recommended authorization model for production Jenkins.
📄️ Controller Hardening
The Jenkins controller is the most sensitive component in the system.
📄️ Agent Security & Isolation
Jenkins agents execute untrusted and user-controlled code.
📄️ Plugin Security
Plugins extend Jenkins functionality but also extend its attack surface.
📄️ Network & Ingress Security
Network exposure is one of the most common Jenkins security failures.
📄️ Auditing & Monitoring
Auditing and monitoring help you detect misuse, attacks, and misconfigurations in Jenkins.