Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevSecOps - Vom Unikum zur gut geölten Maschine
Search
Nicolas Byl
December 08, 2021
Technology
120
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
DevSecOps - Vom Unikum zur gut geölten Maschine
Nicolas Byl
December 08, 2021
More Decks by Nicolas Byl
See All by Nicolas Byl
Platform Engineering ❤️ Developer Experience
nbyl
0
55
Die Flucht aus der Prototypen-Hölle
nbyl
0
57
Lean Prototyping for Industrial-IoT Projects
nbyl
0
76
Securing your software supply chain
nbyl
0
390
Keeping-Up-WithUpstream.pdf
nbyl
0
190
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
150
Securing the "other" supply chain
nbyl
0
320
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
220
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
150
Other Decks in Technology
See All in Technology
“詰む”前に仕組みを作れ 〜技術の波に溺れないためのキャッチアップ術〜
takasyou
7
4.5k
起点・思考・出力で分解する 〜PM業務の自動化設計〜
kazu_kichi_67
2
1.2k
從開發到部署全都交給 AI:實作 AI 驅動的自動化流程
appleboy
0
190
本当の”仕事”を手放せる未来が見えた
mu7889yoon
0
200
AI 不只幫你寫 Code: 當專案從 300 暴增到 1500, 我們如何撐住 DevOps
appleboy
0
290
感情と身体を置き去りにしない、エンジニアの生きのこり方 ──いまから、ここから「自分の状態」を扱うという選択
saorimurooka
0
400
AWS Summit 2026で見えたSIerにとっての Amazon Quickの位置づけ
maf_0521
0
120
スタートアップにAmazon EKSは早すぎる? マルチプロダクト戦略を加速する Platform Engineeringの実践 / Is Amazon EKS Too Soon for Startups? Practical Platform Engineering to Accelerate a Multi-Product Strategy
elmodev09
1
1.9k
「勝手に広まる」人気 AI エージェントを爆速で作ろう!(AWS Summit Japan 2026講演資料)
minorun365
PRO
10
2.6k
組織における AI-DLC 実践
askul
0
180
toB プロダクトから見たWAF
tokai235
0
250
そこにあるから地図ができる~位置を示す"モノ"を愉しむ~ - Interface 2026年6月号GPS特集オフ会 / interface_202606_GPS_offline
sakaik
1
130
Featured
See All Featured
Large-scale JavaScript Application Architecture
addyosmani
515
110k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
220
Git: the NoSQL Database
bkeepers
PRO
432
67k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
340
The Cult of Friendly URLs
andyhume
79
6.9k
Stop Working from a Prison Cell
hatefulcrawdad
274
21k
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
1
640
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
rkaga
62
44k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
133
19k
The untapped power of vector embeddings
frankvandijk
2
1.8k
Impact Scores and Hybrid Strategies: The future of link building
tamaranovitovic
0
320
Claude Code どこまでも/ Claude Code Everywhere
nwiizo
65
56k
Transcript
1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING SOURCE CODE ANALYSIS • FindBugs •
SonarQube • SAST • DAST SOURCE CODE ANALYSIS DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH
[email protected]
@ClusterBauer https://www.nexineer.io/career/ WE
ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING Sicheres Artefakt Artefakt mit bekannter Schwachstelle Scanning Patching