DevSecOps - From One-of-a-Kind to Well-Oiled Machine
Nicolas Byl
December 08, 2021
Transcript
1 NICOLAS BYL DEVSECOPS: FROM ONE-OF-A-KIND TO WELL-OILED MACHINE
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING
SOURCE CODE ANALYSIS • FindBugs • SonarQube • SAST • DAST
DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages
UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH
[email protected]
@ClusterBauer
https://www.nexineer.io/career/
WE ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING • Secure artifact • Artifact with known vulnerability • Scanning • Patching