DevSecOps - Vom Unikum zur gut geölten Maschine

December 08, 2021

120

DevSecOps - Vom Unikum zur gut geölten Maschine

Nicolas Byl

December 08, 2021

More Decks by Nicolas Byl

See All by Nicolas Byl

Platform Engineering ❤️ Developer Experience

0

49

Die Flucht aus der Prototypen-Hölle

0

54

Lean Prototyping for Industrial-IoT Projects

0

72

Securing your software supply chain

0

390

Keeping-Up-WithUpstream.pdf

0

180

Dr. Kube und der Helm - Anatomie einer CD-Pipeline

0

150

Securing the "other" supply chain

0

310

Kubernetes - Auf die Cluster, Fertig, Los!

0

210

Helm - Kubernetes Deployments richtig gemacht

0

150

Other Decks in Technology

See All in Technology

「QA＝テスト」「シフトレフト＝スクラムイベントの参加者の一員」の呪縛を解く。アジャイルな開発を止めないために、10Xで挑んだ「右側のしわ寄せ」解消記 #scrumniigata

PRO

3

570

FessのAI検索モード：検索システムとLLMへの取り組み

0

180

Cortex Codeのコスト見積ヒントご紹介

0

140

AIと乗り切った1,500ページ超のヘルプサイト基盤刷新とさらにその先の話

2

290

Angular Architecture Revisited Modernizing Angular Architectural Patterns

rainerhahnekamp

0

120

[Scram Fest Niigata2026]Quality as Code〜AIにQAの思考を再現させる試み〜

1

180

20260423_ハドソンのエロゲを追え_レトロゲーム

0

110

Building a Study Buddy AI Agent from Scratch: From Passive Chatbots to Autonomous Systems

0

120

AI バイブコーティングでキーボード不要？！

0

680

エージェント時代の UIとAPI、CLI戦略

coincheck_recruit

0

120

巨大プラットフォームを進化させる「第3のROI」

recruitengineers

PRO

2

2.2k

COBOL婆さんの伝説

0

130

Featured

See All Featured

Fight the Zombie Pattern Library - RWD Summit 2016

234

17k

The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek

2

10k

Paper Plane (Part 1)

PRO

0

6.9k

The Anti-SEO Checklist Checklist. Pubcon Cyber Week

0

130

Game over? The fight for quality and originality in the time of robots

1

170

Put a Button on it: Removing Barriers to Going Fast.

60

4.2k

Test your architecture with Archunit

1

2.2k

The Art of Delivering Value - GDevCon NA Keynote

16

1.9k

sira's awesome portfolio website redesign presentation

0

230

Site-Speed That Sticks

13

1.2k

How to Align SEO within the Product Triangle To Get  Buy-In & Support - #RIMC

2

1.5k

Claude Code どこまでも/ Claude Code Everywhere

65

55k

Transcript

1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING SOURCE CODE ANALYSIS • FindBugs •
SonarQube • SAST • DAST SOURCE CODE ANALYSIS DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH [email protected] @ClusterBauer https://www.nexineer.io/career/ WE
ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING Sicheres Artefakt Artefakt mit bekannter Schwachstelle Scanning Patching