Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevSecOps - Vom Unikum zur gut geölten Maschine
Search
Nicolas Byl
December 08, 2021
Technology
0
110
DevSecOps - Vom Unikum zur gut geölten Maschine
Nicolas Byl
December 08, 2021
Tweet
Share
More Decks by Nicolas Byl
See All by Nicolas Byl
Platform Engineering ❤️ Developer Experience
nbyl
0
20
Die Flucht aus der Prototypen-Hölle
nbyl
0
44
Lean Prototyping for Industrial-IoT Projects
nbyl
0
56
Securing your software supply chain
nbyl
0
370
Keeping-Up-WithUpstream.pdf
nbyl
0
170
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
130
Securing the "other" supply chain
nbyl
0
290
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
200
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
130
Other Decks in Technology
See All in Technology
Cloud WAN MCP Serverから考える新しいネットワーク運用 / 20251228 Masaki Okuda
shift_evolve
PRO
0
130
Agent Skillsがハーネスの垣根を超える日
gotalab555
7
4.9k
AgentCoreとStrandsで社内d払いナレッジボットを作った話
motojimayu
1
1.2k
The State of AI Agent Security:2025年の総括と2026年の宿題
pict3
0
110
Introduce marp-ai-slide-generator
itarutomy
0
150
2025年 山梨の技術コミュニティを振り返る
yuukis
0
130
[Neurogica] 採用ポジション/ Recruitment Position
neurogica
1
140
日本Rubyの会: これまでとこれから
snoozer05
PRO
6
250
ECS_EKS以外の選択肢_ROSA入門_.pdf
masakiokuda
1
120
「もしもデータ基盤開発で『強くてニューゲーム』ができたなら今の僕はどんなデータ基盤を作っただろう」
aeonpeople
0
270
AWSの新機能をフル活用した「re:Inventエージェント」開発秘話
minorun365
2
520
ペアーズにおけるAIエージェント 基盤とText to SQLツールの紹介
hisamouna
2
1.9k
Featured
See All Featured
Jess Joyce - The Pitfalls of Following Frameworks
techseoconnect
PRO
1
34
[RailsConf 2023] Rails as a piece of cake
palkan
58
6.2k
Testing 201, or: Great Expectations
jmmastey
46
7.8k
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.1k
Mobile First: as difficult as doing things right
swwweet
225
10k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
Rails Girls Zürich Keynote
gr2m
95
14k
Code Reviewing Like a Champion
maltzj
527
40k
Build your cross-platform service in a week with App Engine
jlugia
234
18k
From Legacy to Launchpad: Building Startup-Ready Communities
dugsong
0
120
The Anti-SEO Checklist Checklist. Pubcon Cyber Week
ryanjones
0
31
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1.1k
Transcript
1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING SOURCE CODE ANALYSIS • FindBugs •
SonarQube • SAST • DAST SOURCE CODE ANALYSIS DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH
[email protected]
@ClusterBauer https://www.nexineer.io/career/ WE
ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING Sicheres Artefakt Artefakt mit bekannter Schwachstelle Scanning Patching
nbyl
shift_evolve
gotalab555
motojimayu
pict3
itarutomy
yuukis
neurogica
snoozer05
masakiokuda
aeonpeople
minorun365
hisamouna
techseoconnect
palkan
jmmastey
ivargrimstad
swwweet
afnizarnur
gr2m
maltzj
jlugia
dugsong
ryanjones
irinanazarova
![26 HOW TO GET IN TOUCH [email protected] @ClusterBauer https://www.nexineer.io/career/ WE](https://files.speakerdeck.com/presentations/bc9481b009f54a0aac7900020fe93776/slide_25.jpg){kind=link}
