Upgrade to Pro — share decks privately, control downloads, hide ads and more …

DevSecOps - Vom Unikum zur gut geölten Maschine

Nicolas Byl
December 08, 2021
Technology
0
68

DevSecOps - Vom Unikum zur gut geölten Maschine

Nicolas Byl

December 08, 2021
Tweet

More Decks by Nicolas Byl

See All by Nicolas Byl
Die Flucht aus der Prototypen-Hölle
nbyl
0
11
Lean Prototyping for Industrial-IoT Projects
nbyl
0
16
Securing your software supply chain
nbyl
0
250
Keeping-Up-WithUpstream.pdf
nbyl
0
93
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
85
Securing the "other" supply chain
nbyl
0
200
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
110
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
90
It's the developers, stupid!
nbyl
0
120

Other Decks in Technology

See All in Technology
競技としてのKaggle、役に立つKaggle
yu4u
3
1.6k
Meta Quest 3 で動く桜マシマシ WebXR アプリを IBM Cloud Code Engine と Babylon.js で作った話
1ftseabass
PRO
0
120
Google Cloud Next '24でブログを10本書いた方法と勉強会を沸かせた方法
yasumuusan
0
300
JAWS-UG Bedrock Claude Night
yamahiro
3
610
複雑な構成要素を持つUIとの向き合い方 〜新・支出グラフでの実例〜 / B43 TECH TALK
nakamuuu
0
140
障害対応をちょっとずつよくしていくための 演習の作りかた
heleeen
0
220
Databricks における 『MLOps』
databricksjapan
2
170
一生覚えておきたい「システム開発=コミュニケーション」〜初めての実務案件振り返りLT〜
maimyyym
0
140
開発生産性大幅アップ!Postman VS Code拡張機能
nagix
2
380
DMM.com アルファ室採用案内資料
hsugita
1
150
MySQL の SQL クエリチューニングの要所を掴む勉強会
andpad
3
6.4k
リテール金融(キャッシュレス・ネット銀行・ネット証券)の競争環境と経済圏
8maki
0
1.2k

Featured

See All Featured
From Idea to $5000 a Month in 5 Months
shpigford
377
45k
Making Projects Easy
brettharned
108
5.5k
In The Pink: A Labor of Love
frogandcode
138
21k
Web Components: a chance to create the future
zenorocha
305
41k
Principles of Awesome APIs and How to Build Them.
keavy
121
16k
Web development in the modern age
philhawksworth
202
10k
Ruby is Unlike a Banana
tanoku
96
10k
Documentation Writing (for coders)
carmenintech
60
3.9k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
20
1.9k
Become a Pro
speakerdeck
PRO
11
4.5k
Learning to Love Humans: Emotional Interface Design
aarron
267
39k
Reflections from 52 weeks, 52 projects
jeffersonlam
345
19k

Transcript

  1. 1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE

  2. 2 INTRODUCTION

  3. 3 THE DEVSECOPS CYCLE

  4. 4 THE CASTLE ILLUSION

  5. 5 THE DEVSECOPS CYCLE

  6. 6 THE DEVSECOPS CYCLE

  7. 7 SECURE ARCHITECTURE

  8. 8 THREAT MODELLING

  9. 9 COMPLIANCE

  10. 10 PENTESTS

  11. 11 THE DEVSECOPS CYCLE

  12. 12 DESIGN PATTERNS

  13. 13 PRE-COMMIT HOOKS

  14. 14 CODE REVIEWS

  15. 15 COMMIT SIGNING

  16. 16 THE DEVSECOPS CYCLE

  17. 17 THE DEPENDENCY ICEBERG

  18. 18 AUTOMATION IS KING SOURCE CODE ANALYSIS • FindBugs •

    SonarQube • SAST • DAST SOURCE CODE ANALYSIS DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages UPDATE AUTOMATION • npm audit • Dependabot • Renovate

  19. 19 THE DEVSECOPS CYCLE

  20. 20 POLICY OVER CHECKLISTS

  21. 21 THE KEY TO THE KINGDOM

  22. 22 ZERO-TRUST DEPLOYMENT

  23. 23 ROLLER COASTER PASSWORDS

  24. 24 INVENTORY SCANS

  25. 25 FIRE DRILLS & CHAOS ENGINEERING

  26. 26 HOW TO GET IN TOUCH [email protected] @ClusterBauer https://www.nexineer.io/career/ WE

    ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…

  27. 27 PATCHING Sicheres Artefakt Artefakt mit bekannter Schwachstelle Scanning Patching