DevSecOps - Vom Unikum zur gut geölten Maschine (DevSecOps - From One-of-a-Kind to Well-Oiled Machine)
Nicolas Byl
December 08, 2021
Technology
Transcript
1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE (FROM ONE-OF-A-KIND TO WELL-OILED MACHINE)
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING
SOURCE CODE ANALYSIS
• FindBugs
• SonarQube
• SAST
• DAST
DEPENDENCY ANALYSIS
• Maven, npm, ...
• Container Images
• Operating System Packages
UPDATE AUTOMATION
• npm audit
• Dependabot
• Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH
[email protected]
@ClusterBauer
https://www.nexineer.io/career/
WE ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING
• Secure artifact
• Artifact with known vulnerability
• Scanning
• Patching