Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevSecOps - Vom Unikum zur gut geölten Maschine
Search
Nicolas Byl
December 08, 2021
Technology
0
94
DevSecOps - Vom Unikum zur gut geölten Maschine
Nicolas Byl
December 08, 2021
Tweet
Share
More Decks by Nicolas Byl
See All by Nicolas Byl
Die Flucht aus der Prototypen-Hölle
nbyl
0
42
Lean Prototyping for Industrial-IoT Projects
nbyl
0
38
Securing your software supply chain
nbyl
0
360
Keeping-Up-WithUpstream.pdf
nbyl
0
160
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
120
Securing the "other" supply chain
nbyl
0
260
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
180
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
120
It's the developers, stupid!
nbyl
0
190
Other Decks in Technology
See All in Technology
事業価値と Engineering
recruitengineers
PRO
1
160
人と組織に偏重したEMへのアンチテーゼ──なぜ、EMに設計力が必要なのか/An antithesis to the overemphasis of people and organizations in EM
dskst
5
580
自社製CMSからmicroCMSへのリプレースがプロダクトグロースを加速させた話
nextbeatdev
0
120
サイボウズフロントエンドの横断活動から考える AI時代にできること
mugi_uno
4
1.4k
AIとTDDによるNext.js「隙間ツール」開発の実践
makotot
5
620
いま、あらためて考えてみるアカウント管理 with IaC / Account management with IaC
kohbis
2
680
Browser
recruitengineers
PRO
3
210
実践アプリケーション設計 ①データモデルとドメインモデル
recruitengineers
PRO
2
160
夢の印税生活 / Life on Royalties
tmtms
0
280
モダンな現場と従来型の組織——そこに生じる "不整合" を解消してこそチームがパフォーマンスを発揮できる / Team-oriented Organization Design 20250825
mtx2s
5
510
Claude Code x Androidアプリ 開発
kgmyshin
1
560
アジャイルテストで高品質のスプリントレビューを
takesection
0
110
Featured
See All Featured
Scaling GitHub
holman
462
140k
Reflections from 52 weeks, 52 projects
jeffersonlam
351
21k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
33
2.4k
Building a Scalable Design System with Sketch
lauravandoore
462
33k
Unsuck your backbone
ammeep
671
58k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
126
53k
Raft: Consensus for Rubyists
vanstee
140
7.1k
Code Reviewing Like a Champion
maltzj
525
40k
Building Flexible Design Systems
yeseniaperezcruz
328
39k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4k
Gamification - CAS2011
davidbonilla
81
5.4k
Why You Should Never Use an ORM
jnunemaker
PRO
59
9.5k
Transcript
1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING SOURCE CODE ANALYSIS • FindBugs •
SonarQube • SAST • DAST SOURCE CODE ANALYSIS DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH
[email protected]
@ClusterBauer https://www.nexineer.io/career/ WE
ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING Sicheres Artefakt Artefakt mit bekannter Schwachstelle Scanning Patching
nbyl
recruitengineers
dskst
nextbeatdev
mugi_uno
makotot
kohbis
tmtms
mtx2s
kgmyshin
takesection
holman
jeffersonlam
jcasabona
lauravandoore
ammeep
aki_iinuma
vanstee
maltzj
yeseniaperezcruz
kastner
davidbonilla
jnunemaker
![26 HOW TO GET IN TOUCH [email protected] @ClusterBauer https://www.nexineer.io/career/ WE](https://files.speakerdeck.com/presentations/bc9481b009f54a0aac7900020fe93776/slide_25.jpg){kind=link}
