Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevSecOps - Vom Unikum zur gut geölten Maschine
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Nicolas Byl
December 08, 2021
Technology
120
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
DevSecOps - Vom Unikum zur gut geölten Maschine
Nicolas Byl
December 08, 2021
More Decks by Nicolas Byl
See All by Nicolas Byl
Platform Engineering ❤️ Developer Experience
nbyl
0
53
Die Flucht aus der Prototypen-Hölle
nbyl
0
57
Lean Prototyping for Industrial-IoT Projects
nbyl
0
76
Securing your software supply chain
nbyl
0
390
Keeping-Up-WithUpstream.pdf
nbyl
0
190
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
150
Securing the "other" supply chain
nbyl
0
320
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
220
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
150
Other Decks in Technology
See All in Technology
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
5
1.8k
AIにフローを作らせようとして挫折した話
hamatsutaichi
0
210
React、まだ楽しくて草
uhyo
7
4.1k
Oracle AI Database@Google Cloud:サービス概要のご紹介
oracle4engineer
PRO
6
1.5k
製造業のクラウド活用最適解〜AI,DXを加速するデータ基盤の作り方〜
hamadakoji
0
400
「速く作る」から「正しく作る」へ ─ 生成AI時代の開発フロー改革の ロードマップと実行 ─
starfish719
0
8.2k
AIプラットフォームを運用し続けるための可観測性
tanimuyk
4
1.1k
AI Testing Talks: Challenges of Applying AI in Software Testing: From Hype to Practical Use
exactpro
PRO
1
140
AI フレンドリーなエラー監視を TypeScript で実現する
shinyaigeek
2
260
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
50k
ITエンジニアを取り巻く環境とキャリアパス / A career path for Japanese IT engineers
takatama
4
1.8k
地元にいないローカルオーガナイザーの立ち回り
uvb_76
1
930
Featured
See All Featured
How to build a perfect <img>
jonoalderson
1
5.6k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
6k
The agentic SEO stack - context over prompts
schlessera
0
800
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
133
19k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Rails Girls Zürich Keynote
gr2m
96
14k
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
sarafernandez
0
200
Music & Morning Musume
bryan
47
7.2k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
1.9k
Thoughts on Productivity
jonyablonski
76
5.2k
Unsuck your backbone
ammeep
672
58k
Paper Plane (Part 1)
katiecoart
PRO
0
8.5k
Transcript
1 NICOLAS BYL DEVSECOPS VOM UNIKUM ZUR GUT GEÖLTEN MASCHINE
2 INTRODUCTION
3 THE DEVSECOPS CYCLE
4 THE CASTLE ILLUSION
5 THE DEVSECOPS CYCLE
6 THE DEVSECOPS CYCLE
7 SECURE ARCHITECTURE
8 THREAT MODELLING
9 COMPLIANCE
10 PENTESTS
11 THE DEVSECOPS CYCLE
12 DESIGN PATTERNS
13 PRE-COMMIT HOOKS
14 CODE REVIEWS
15 COMMIT SIGNING
16 THE DEVSECOPS CYCLE
17 THE DEPENDENCY ICEBERG
18 AUTOMATION IS KING SOURCE CODE ANALYSIS • FindBugs •
SonarQube • SAST • DAST SOURCE CODE ANALYSIS DEPENDENCY ANALYSIS • Maven, npm, ... • Container Images • Operating System Packages UPDATE AUTOMATION • npm audit • Dependabot • Renovate
19 THE DEVSECOPS CYCLE
20 POLICY OVER CHECKLISTS
21 THE KEY TO THE KINGDOM
22 ZERO-TRUST DEPLOYMENT
23 ROLLER COASTER PASSWORDS
24 INVENTORY SCANS
25 FIRE DRILLS & CHAOS ENGINEERING
26 HOW TO GET IN TOUCH
[email protected]
@ClusterBauer https://www.nexineer.io/career/ WE
ARE ALWAYS LOOKING FOR GREAT COLLEAGUES…
27 PATCHING Sicheres Artefakt Artefakt mit bekannter Schwachstelle Scanning Patching
nbyl
oracle4engineer
hamatsutaichi
uhyo
hamadakoji
starfish719
tanimuyk
exactpro
shinyaigeek
safie_recruit
takatama
uvb_76
jonoalderson
reverentgeek
schlessera
morganepeng
samlambert
gr2m
sarafernandez
bryan
honnibal
jonyablonski
ammeep
katiecoart
![26 HOW TO GET IN TOUCH [email protected] @ClusterBauer https://www.nexineer.io/career/ WE](https://files.speakerdeck.com/presentations/bc9481b009f54a0aac7900020fe93776/slide_25.jpg){kind=link}
