Role-based automation has streamlined secure CI pipelines and supports data-driven delivery decisions
What is our primary use case?
I am still working with Black Duck. I am working with both
Jenkins on Hardened Ubuntu and Coverity. I have
Jenkins on Hardened Ubuntu on
Ubuntu and Windows. I am utilizing almost 200 Jenkins on Hardened Ubuntu plugins on hardened
Ubuntu.
Jenkins on Hardened Ubuntu is used for automated testing as well as manual testing, and in automated testing, I am able to organize and streamline the process. Once I build or once the requirement is there, the build pipelines are triggered to get the output and ensure the testing is in progress. It is extremely useful.
There is a role-based access system in Jenkins on Hardened Ubuntu on hardened Ubuntu and I am able to configure it for each user. For a developer, for integrator, for viewer, for reporters, there is a complete role-based access system. I call it RBAC. I have introduced these things and completely integrated with LDAP and it is highly secure.
Real-time feedback is impacting my team's productivity positively. There are a lot of version upgrades. I am at the latest version too, and I have not seen any crash or any problem with the current environment. It is good. I am able to proceed and upgrade. I am almost having 15 to 18 Jenkins on Hardened Ubuntu instances. Globally, I am using it across India and outside India too.
What is most valuable?
Jenkins on Hardened Ubuntu has extremely benefited our CI/CD pipelines. The whole of our build systems are completely running on Jenkins on Hardened Ubuntu and it is a day-to-day activity. Almost 300 to 400 integrators are using Jenkins on Hardened Ubuntu. It is basically to orchestrate our workflow and it is easy for us to take the build and release to the customer. It is extremely useful.
The metrics that I am using to measure the security effectiveness of Jenkins on Hardened Ubuntu are the DORA metrics. There is a standardized DORA metrics. I am already using DORA metrics which is exclusively for those things and there are four to five metrics that can be used to measure those things.
What needs improvement?
Any product that I create, I will have an improvement expectation for Jenkins on Hardened Ubuntu. The one expectation that I have is that the UI can be still improved. Some more metrics can be established. Nowadays, there are a lot of configurations. I should be able to really connect with AI as another feature that can also be integrated. These are the three or four items that can be added to the improvement toward Jenkins on Hardened Ubuntu.
Jenkins on Hardened Ubuntu could include AI chat features in the future to make it even better. When there is a build happening or when there is a job happening, I could ask in the chat how long that takes or what is the current job running. These AI features can be included.
For how long have I used the solution?
I have been working with Jenkins on Hardened Ubuntu for the last 10 to 12 years.
What do I think about the stability of the solution?
Initially, I had a little struggle in setting up Jenkins on Hardened Ubuntu but now I have become proficient and have expertise. This is not a big concern.
Initially, I faced some issues with plugins that might be incompatible while setting up Jenkins on Hardened Ubuntu. I had to really understand and ensure and set it up. The version and the plugin compatibility have to be checked properly. This helps me to quickly set up the environment.
What was our ROI?
I have seen return on investment. Approximately, it took me almost around 83 to 85 percentage to see ROI.
What's my experience with pricing, setup cost, and licensing?
The price for Jenkins on Hardened Ubuntu is not a constraint for me. As long as there are good features and it is a must, there should not be a problem. I have to invest in order to do my business. I do not see it as one of the constraints or limitations to work with.
What other advice do I have?
I am satisfied with Jenkins on Hardened Ubuntu and I am an expert with it. I am working with Jenkins on Hardened Ubuntu simultaneously on different operating systems, not only on Ubuntu but also Windows, and I find Ubuntu to be more convenient. Ubuntu is very straightforward to set up with just a few commands, which is why it is very easy. My review rating for Jenkins on Hardened Ubuntu is 8.5 out of 10.
Secure pipelines have reduced incidents and save significant setup and configuration time
What is our primary use case?
My main use case for Jenkins on Hardened Ubuntu is using a secure CICD pipeline on an Amazon Machine Image, which is already secure, so that deploying code is as secure as it can be rather than running it on my own VM and worrying about the security.
In my use case for Jenkins on Hardened Ubuntu, I write code within Visual Studio Code, push it to our code repository, and then Jenkins on Hardened Ubuntu has a webhook which allows it to link to that repository, enabling it to fetch the code and deploy it by running the CICD pipeline, making Jenkins on Hardened Ubuntu the CICD server in a secure way on Hardened Ubuntu AWS hosted.
There is nothing unique about my workflow or how it integrates with other tools.
What is most valuable?
One of the best features Jenkins on Hardened Ubuntu offers is that it saves time because rather than trying to have a vanilla OS, such as Ubuntu on an EC2 instance, and then trying to secure it yourself, Jenkins on Hardened Ubuntu is already secured with a ton of insecure features disabled on the VM, which saves us time and is quite cost-effective.
The IAM integration has helped my team because it is quicker to set up and more secure since using AWS IAM roles is natively secure, where long-term credentials can be insecure, but by using already configured IAM roles, it is much more secure.
Jenkins on Hardened Ubuntu has positively impacted my organization because it is more secure to use rather than us trying to use a vanilla OS, lowering the attack surface of common OS-related vulnerabilities.
What needs improvement?
There is a maintenance overhead to using Jenkins on Hardened Ubuntu since the customer is responsible for patching both Jenkins on Hardened Ubuntu and the OS, and although security issues are somewhat handled, Jenkins on Hardened Ubuntu third-party plugins may still be insecure, and hardened images can be too restrictive.
I do not think there are any other improvements needed for Jenkins on Hardened Ubuntu that have not been mentioned yet.
For how long have I used the solution?
I've used it within the last year, for a period of around one year.
What do I think about the stability of the solution?
Jenkins on Hardened Ubuntu is very stable, as it is maintained by AWS.
What do I think about the scalability of the solution?
Jenkins on Hardened Ubuntu is highly scalable because you can choose to have it on one instance, two, three, however many you want, and it automatically scales based on what you need.
How are customer service and support?
The customer support is part of AWS and Amazon support in general, which is always very good, with different tiers available offering quick response times and dedicated account managers for the highest tier.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
The previous solution I used was a vanilla OS, just using Ubuntu, and I switched to Jenkins on Hardened Ubuntu for increased security.
How was the initial setup?
I chose nine out of ten because it is very good for what it aims to do; it could be a little bit cheaper, but that is a minor thing, and I think it is reasonably priced.
What was our ROI?
I have definitely noticed a reduction in incidents and time saved since switching to Jenkins on Hardened Ubuntu, which saves at least between ten to twenty hours in configuration time, translating to potential savings of hundreds or even thousands of dollars.
From a time saved perspective, this solution saves at least between ten to twenty hours, but likely more, and it could prevent potential losses of tens or hundreds of thousands if it stops a security incident.
Which other solutions did I evaluate?
The only other option I evaluated before choosing Jenkins on Hardened Ubuntu was just using a base Ubuntu OS rather than a secured version from the Amazon Marketplace.
What other advice do I have?
If you are looking to self-host Jenkins on a VM, Jenkins on Hardened Ubuntu is a very secure way to do it, but many organizations now opt for cloud-managed CICD pipelines, so it is not appropriate for everyone.
There is no other business relationship with this vendor other than being a customer.
I gave this product a rating of nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Integration capabilities and support are impressive
What is our primary use case?
I am using Jenkins on Hardened Ubuntu for procuring the infrastructure to deploy our applications and procuring databases for various tasks.
How has it helped my organization?
The benefits of Jenkins on Hardened Ubuntu include its easy integration with every tool. It can be used as both an integration tool and a deployment tool. With the help of scripts, we can easily configure Jenkins on Hardened Ubuntu in an effective way.
What is most valuable?
Jenkins on Hardened Ubuntu is an open-source tool that has many plugins to support all applications. This stands out as its main advantage.
What needs improvement?
I have not seen many disadvantages with Jenkins on Hardened Ubuntu.
From an improvement perspective, implementing AI features would be beneficial. If AI could be integrated for scripting in the Jenkins pipeline, it would be really good for users. Since AI has been adopted for many tools recently, this integration would enhance functionality.
For how long have I used the solution?
I have been using Jenkins on Hardened Ubuntu for the past six years.
What was my experience with deployment of the solution?
The installation and deployment process is straightforward, and I have not encountered any issues.
What do I think about the stability of the solution?
Stability is excellent with Jenkins on Hardened Ubuntu. I have experienced minimal unavailability with the system.
What do I think about the scalability of the solution?
Jenkins on Hardened Ubuntu is easy to scale.
How are customer service and support?
We have dealt with technical support from Jenkins on Hardened Ubuntu. The support provided has been good.
How would you rate customer service and support?
What was our ROI?
There has been a return on investment for many organizations using Jenkins on Hardened Ubuntu.
What's my experience with pricing, setup cost, and licensing?
The organization handles the payment for Jenkins on Hardened Ubuntu. I am not certain about how they calculate the usage percentage and pricing.
What other advice do I have?
We are using Jenkins on Hardened Ubuntu and other DevOps tools on AWS cloud. As DevOps administrators, we use various tools to configure and manage approximately 1000-1500 servers.
We use leasing services with AWS to reduce costs through bulk purchasing of services.
I work with AWS cloud for infrastructure procurement and database-related tasks. I am not familiar with the distributed build features or automated alerting and auditing features, as a separate team manages those aspects.
On a scale of 1-10, I rate Jenkins on Hardened Ubuntu a 9.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
