Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevSecOps - Vom Unikum zur gut geölten Maschine
Search
Nicolas Byl
December 08, 2021
Technology
0
83
DevSecOps - Vom Unikum zur gut geölten Maschine
Nicolas Byl
December 08, 2021
Tweet
Share
More Decks by Nicolas Byl
See All by Nicolas Byl
Die Flucht aus der Prototypen-Hölle
nbyl
0
35
Lean Prototyping for Industrial-IoT Projects
nbyl
0
27
Securing your software supply chain
nbyl
0
330
Keeping-Up-WithUpstream.pdf
nbyl
0
130
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
100
Securing the "other" supply chain
nbyl
0
230
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
150
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
120
It's the developers, stupid!
nbyl
0
160
Other Decks in Technology
See All in Technology
データの品質が低いと何が困るのか
kzykmyzw
6
1.1k
リアルタイム分析データベースで実現する SQLベースのオブザーバビリティ
mikimatsumoto
0
1.3k
抽象化をするということ - 具体と抽象の往復を身につける / Abstraction and concretization
soudai
16
3.6k
データマネジメントのトレードオフに立ち向かう
ikkimiyazaki
6
960
人はなぜISUCONに夢中になるのか
kakehashi
PRO
6
1.6k
滅・サービスクラス🔥 / Destruction Service Class
sinsoku
6
1.6k
Oracle Base Database Service 技術詳細
oracle4engineer
PRO
6
57k
関東Kaggler会LT: 人狼コンペとLLM量子化について
nejumi
3
580
Amazon S3 Tablesと外部分析基盤連携について / Amazon S3 Tables and External Data Analytics Platform
nttcom
0
130
MC906491 を見据えた Microsoft Entra Connect アップグレード対応
tamaiyutaro
1
540
Culture Deck
optfit
0
420
2024.02.19 W&B AIエージェントLT会 / AIエージェントが業務を代行するための計画と実行 / Algomatic 宮脇
smiyawaki0820
13
3.3k
Featured
See All Featured
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.4k
Being A Developer After 40
akosma
89
590k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
4
410
Testing 201, or: Great Expectations
jmmastey
42
7.2k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
10
1.3k
Scaling GitHub
holman
459
140k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
27
1.9k
Bash Introduction
62gerente
611
210k
Fontdeck: Realign not Redesign
paulrobertlloyd
83
5.4k
GraphQLとの向き合い方2022年版
quramy
44
13k
Code Review Best Practice
trishagee
67
18k
Why You Should Never Use an ORM
jnunemaker
PRO
55
9.2k
Transcript
1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING SOURCE CODE ANALYSIS • FindBugs •
SonarQube • SAST • DAST SOURCE CODE ANALYSIS DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH
[email protected]
@ClusterBauer https://www.nexineer.io/career/ WE
ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING Sicheres Artefakt Artefakt mit bekannter Schwachstelle Scanning Patching
nbyl
kzykmyzw
mikimatsumoto
soudai
ikkimiyazaki
kakehashi
sinsoku
oracle4engineer
nejumi
nttcom
tamaiyutaro
.png){kind=avatar}
optfit
smiyawaki0820
danielanewman
akosma
tammyeverts
jmmastey
reverentgeek
holman
marcduiker
62gerente
paulrobertlloyd
quramy
trishagee
jnunemaker
![26 HOW TO GET IN TOUCH [email protected] @ClusterBauer https://www.nexineer.io/career/ WE](https://files.speakerdeck.com/presentations/bc9481b009f54a0aac7900020fe93776/slide_25.jpg){kind=link}
