DevSecOps - Vom Unikum zur gut geölten Maschine

December 08, 2021

110

DevSecOps - Vom Unikum zur gut geölten Maschine

Nicolas Byl

December 08, 2021

Tweet

More Decks by Nicolas Byl

See All by Nicolas Byl

Platform Engineering ❤️ Developer Experience

0

34

Die Flucht aus der Prototypen-Hölle

0

51

Lean Prototyping for Industrial-IoT Projects

0

69

Securing your software supply chain

0

380

Keeping-Up-WithUpstream.pdf

0

180

Dr. Kube und der Helm - Anatomie einer CD-Pipeline

0

140

Securing the "other" supply chain

0

300

Kubernetes - Auf die Cluster, Fertig, Los!

0

200

Helm - Kubernetes Deployments richtig gemacht

0

140

Other Decks in Technology

See All in Technology

Windows ネットワークを再確認する

PRO

0

260

Introduction to Sansan, inc / Sansan Global Development Center, Inc.

PRO

0

3k

Oracle Base Database Service 技術詳細

oracle4engineer

PRO

15

95k

Eight Engineering Unit 紹介資料

PRO

1

6.9k

LINEアプリ開発のための Claude Code活用基盤の構築

PRO

2

1.4k

AIエンジニア Devin と歩む、自律型運用プロセスの構築

0

680

Evolution of Claude Code & How to use features

1

220

LINE Messengerの次世代ストレージ選定

PRO

19

7.3k

DX Improvement at Scale

2

290

管理者向けGitHub Enterpriseの運用Tips紹介: 人にもAIにも優しいプラットフォームづくり

0

110

トップマネジメントとコンピテンシーから考えるエンジニアリングマネジメント

3

540

Security Diaries of an Open Source IAM

0

200

Featured

See All Featured

A Tale of Four Properties

162

24k

Imperfection Machines: The Place of Print at Facebook

269

14k

Sharpening the Axe: The Primacy of Toolmaking

46

2.7k

Winning Ecommerce Organic Search in an AI Era - #searchnstuff2025

1

1.9k

How to Create Impact in a Changing Tech Landscape [PerfNow 2023]

55

3.3k

Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]

11

850

How to make the Groovebox

2

2k

"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)

231

22k

A Soul's Torment

5

2.4k

The Curious Case for Waylosing

0

260

Designing Powerful Visuals for Engaging Learning

0

260

Evolution of real-time – Irina Nazarova, EuRuKo, 2024

9

1.2k

Transcript

1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING SOURCE CODE ANALYSIS • FindBugs •
SonarQube • SAST • DAST SOURCE CODE ANALYSIS DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH [email protected] @ClusterBauer https://www.nexineer.io/career/ WE
ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING Sicheres Artefakt Artefakt mit bekannter Schwachstelle Scanning Patching