Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevSecOps - Vom Unikum zur gut geölten Maschine
Search
Nicolas Byl
December 08, 2021
Technology
0
91
DevSecOps - Vom Unikum zur gut geölten Maschine
Nicolas Byl
December 08, 2021
Tweet
Share
More Decks by Nicolas Byl
See All by Nicolas Byl
Die Flucht aus der Prototypen-Hölle
nbyl
0
41
Lean Prototyping for Industrial-IoT Projects
nbyl
0
38
Securing your software supply chain
nbyl
0
350
Keeping-Up-WithUpstream.pdf
nbyl
0
150
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
110
Securing the "other" supply chain
nbyl
0
250
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
170
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
120
It's the developers, stupid!
nbyl
0
180
Other Decks in Technology
See All in Technology
ビズリーチにおけるリアーキテクティング実践事例 / JJUG CCC 2025 Spring
visional_engineering_and_design
1
110
KubeCon + CloudNativeCon Japan 2025 Recap Opening & Choose Your Own Adventureシリーズまとめ
mmmatsuda
0
260
Zephyr RTOSを使った開発コンペに参加した件
iotengineer22
1
200
作曲家がボカロを使うようにPdMはAIを使え
itotaxi
0
440
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
soudai
PRO
21
7.2k
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
27k
Model Mondays S2E03: SLMs & Reasoning
nitya
0
350
AI時代の開発生産性を加速させるアーキテクチャ設計
plaidtech
PRO
3
120
生成AI活用の組織格差を解消する 〜ビジネス職のCursor導入が開発効率に与えた好循環〜 / Closing the Organizational Gap in AI Adoption
upamune
7
5.1k
なぜ私はいま、ここにいるのか? #もがく中堅デザイナー #プロダクトデザイナー
bengo4com
0
1.3k
高速なプロダクト開発を実現、創業期から掲げるエンタープライズアーキテクチャ
kawauso
2
8.4k
ゼロからはじめる採用広報
yutadayo
2
540
Featured
See All Featured
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
357
30k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
130
19k
Rails Girls Zürich Keynote
gr2m
94
14k
How STYLIGHT went responsive
nonsquared
100
5.6k
Agile that works and the tools we love
rasmusluckow
329
21k
Side Projects
sachag
455
42k
Intergalactic Javascript Robots from Outer Space
tanoku
271
27k
YesSQL, Process and Tooling at Scale
rocio
173
14k
How GitHub (no longer) Works
holman
314
140k
Adopting Sorbet at Scale
ufuk
77
9.4k
Build your cross-platform service in a week with App Engine
jlugia
231
18k
The Power of CSS Pseudo Elements
geoffreycrofte
77
5.8k
Transcript
1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING SOURCE CODE ANALYSIS • FindBugs •
SonarQube • SAST • DAST SOURCE CODE ANALYSIS DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH
[email protected]
@ClusterBauer https://www.nexineer.io/career/ WE
ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING Sicheres Artefakt Artefakt mit bekannter Schwachstelle Scanning Patching