DevSecOps - Vom Unikum zur gut geölten Maschine (DevSecOps: From One-Off to Well-Oiled Machine)
Nicolas Byl
December 08, 2021
Transcript
1 NICOLAS BYL: DEVSECOPS, VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE (FROM ONE-OFF TO WELL-OILED MACHINE)
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING
SOURCE CODE ANALYSIS • FindBugs • SonarQube • SAST • DAST
DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages
UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH
[email protected]
@ClusterBauer
https://www.nexineer.io/career/
WE ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING • Secure artifact • Artifact with known vulnerability • Scanning • Patching