Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevSecOps - Vom Unikum zur gut geölten Maschine
Search
Nicolas Byl
December 08, 2021
Technology
0
86
DevSecOps - Vom Unikum zur gut geölten Maschine
Nicolas Byl
December 08, 2021
Tweet
Share
More Decks by Nicolas Byl
See All by Nicolas Byl
Die Flucht aus der Prototypen-Hölle
nbyl
0
40
Lean Prototyping for Industrial-IoT Projects
nbyl
0
35
Securing your software supply chain
nbyl
0
350
Keeping-Up-WithUpstream.pdf
nbyl
0
140
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
110
Securing the "other" supply chain
nbyl
0
240
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
160
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
120
It's the developers, stupid!
nbyl
0
170
Other Decks in Technology
See All in Technology
Tailwind CSS の小話「コンテナークエリーって便利」
yamaday
0
120
続・やっぱり余白が大切だった話
kakehashi
PRO
4
340
Cursorをチョッパヤインタビューライターにチューニングする方法 / how to tuning cursor for interview write
shuzon
2
240
CARTA HOLDINGS エンジニア向け 採用ピッチ資料 / CARTA-GUIDE-for-Engineers
carta_engineering
0
27k
Google Cloud Next 2025 Recap アプリケーション開発を加速する機能アップデート / Application development-related features of Google Cloud
ryokotmng
0
240
Docker Compose で手軽に手元環境を実現する / Simplifying Local Environments with Docker Compose #CinemaDeLT
nabeo
0
190
Kaigi Effect 2025 #rubykaigi2025_after
sue445
0
160
非root化Androidスマホでも動く仮想マシンアプリを試してみた
arkw
0
130
Terraform にコントリビュートしていたら Azure のコストをやらかした話 / How I Messed Up Azure Costs While Contributing to Terraform
nnstt1
1
520
Simplify! 10 ways to reduce complexity in software development
ufried
2
260
ユーザーコミュニティが海外スタートアップのDevRelを補完する瞬間
nagauta
1
190
Google Cloud Next 2025 Recap マーケティング施策の運用及び開発を支援するAIの活用 / Use of AI to support operation and development of marketing campaign
atsushiyoshikawa
0
240
Featured
See All Featured
A Modern Web Designer's Workflow
chriscoyier
693
190k
The Invisible Side of Design
smashingmag
299
50k
YesSQL, Process and Tooling at Scale
rocio
172
14k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
34
2.2k
Intergalactic Javascript Robots from Outer Space
tanoku
271
27k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
Fireside Chat
paigeccino
37
3.4k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
12k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
5
570
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
357
30k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
How STYLIGHT went responsive
nonsquared
100
5.5k
Transcript
1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING SOURCE CODE ANALYSIS • FindBugs •
SonarQube • SAST • DAST SOURCE CODE ANALYSIS DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH
[email protected]
@ClusterBauer https://www.nexineer.io/career/ WE
ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING Sicheres Artefakt Artefakt mit bekannter Schwachstelle Scanning Patching