Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Keeping-Up-WithUpstream.pdf

Nicolas Byl
September 06, 2019
Technology
0
120

 Keeping-Up-WithUpstream.pdf

Nicolas Byl

September 06, 2019
Tweet

More Decks by Nicolas Byl

See All by Nicolas Byl
Die Flucht aus der Prototypen-Hölle
nbyl
0
30
Lean Prototyping for Industrial-IoT Projects
nbyl
0
22
DevSecOps - Vom Unikum zur gut geölten Maschine
nbyl
0
81
Securing your software supply chain
nbyl
0
320
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
96
Securing the "other" supply chain
nbyl
0
220
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
140
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
110
It's the developers, stupid!
nbyl
0
140

Other Decks in Technology

See All in Technology
Amazon VPC Lattice 最新アップデート紹介 - PrivateLink も似たようなアップデートあったけど違いとは
bigmuramura
0
190
OpenAIの蒸留機能(Model Distillation)を使用して運用中のLLMのコストを削減する取り組み
pharma_x_tech
4
540
なぜCodeceptJSを選んだか
goataka
0
160
Oracle Cloudの生成AIサービスって実際どこまで使えるの? エンジニア目線で試してみた
minorun365
PRO
4
280
ガバメントクラウドのセキュリティ対策事例について
fujisawaryohei
0
530
Postman と API セキュリティ / Postman and API Security
yokawasa
0
200
ゼロから創る横断SREチーム 挑戦と進化の軌跡
rvirus0817
2
260
20241220_S3 tablesの使い方を検証してみた
handy
3
320
AI時代のデータセンターネットワーク
lycorptech_jp
PRO
1
280
LINEヤフーのフロントエンド組織・体制の紹介【24年12月】
lycorp_recruit_jp
0
530
スタートアップで取り組んでいるAzureとMicrosoft 365のセキュリティ対策/How to Improve Azure and Microsoft 365 Security at Startup
yuj1osm
0
210
開発生産性向上! 育成を「改善」と捉えるエンジニア育成戦略
shoota
1
230

Featured

See All Featured
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
48
2.2k
Designing on Purpose - Digital PM Summit 2013
jponch
116
7k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
KATA
mclloyd
29
14k
Optimizing for Happiness
mojombo
376
70k
Unsuck your backbone
ammeep
669
57k
Large-scale JavaScript Application Architecture
addyosmani
510
110k
Keith and Marios Guide to Fast Websites
keithpitt
410
22k
Building an army of robots
kneath
302
44k
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.4k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.3k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
0
96

Transcript

  1. 1 Nicolas Byl

  2. 2 This talk may contain fictional elements… 2 https://pxhere.com/de/photo/738184

  3. 3 Part 1 Marley’s Ghost 3 https://pxhere.com/de/photo/237

  4. 4 A few days ago, in our café… 4 https://pxhere.com/de/photo/39

  5. 5 Part 2 The ghost of DevSecOps past 5 https://pxhere.com/de/photo/237

  6. 6 At the backlog grooming… 6 https://pxhere.com/de/photo/1434201

  7. 7 “Our development environment is a production environment” 1 Management

    and ownership needed for Build Server, Source Control, … Is there a pre-Dev environment? 2 3 7 7 https://pxhere.com/de/photo/1033572

  8. 8 Gathering metrics to support DevSecOps feedback loops 1 Understand

    and customize metrics Action is required 2 3 8 8 https://pxhere.com/de/photo/893775

  9. 9 Part 2 The ghost of DevSecOps present 9 https://pxhere.com/de/photo/237

  10. 10 In the middle of the night… 1 0 https://pxhere.com/de/photo/1391800

  11. 11 Source Code Analysis FindBugs, SonarQube, SAST, DAST 1 Dependency

    Analysis Maven, NPM, Pythin, Perl, … Operating Systems DEB, RPM, … Docker Images Anchore, clair, Aqua, snyk 2 3 4 11 1 1 https://pxhere.com/de/photo/6643025

  12. 12 Source Code Analysis FindBugs, SonarQube, SAST, DAST 1 Dependency

    Analysis Maven, NPM, Pythin, Perl, … Operating Systems DEB, RPM, … Docker Images Anchore, clair, Aqua, snyk 2 3 4 12 1 2 https://pxhere.com/de/photo/893775

  13. 13 How do you notify independent teams of needed actions?

    1 Separate signals from noise Consolidate update sources (GitHub / GitLab, Docker Hub, binary repositories, mailing lists, …) Internal vs. external dependencies 2 3 4 13 1 3 https://pxhere.com/de/photo/1565823

  14. 14 Prepare for failure… 1 4 https://pxhere.com/de/photo/1073983

  15. 15 GitOps as single source of truth (source code, delivery

    code, infrastructure code) 1 Consider dynamic environments, record data for later analysis What was running at time X? Consider version pinning (library versions, Docker Image SHA sum) 2 3 4 15 1 5 https://pxhere.com/de/photo/137541

  16. 16 Part 3 The ghost of DevSecOps future 1 6

    https://pxhere.com/de/photo/237

  17. 17 At dawn… 1 7 https://pxhere.com/de/photo/39

  18. Avoid Tree-Ring-Projects Don’tnotify aboutupdates, provide them Keep an eye on

    the current security statistics 18 https://pxhere.com/de/photo/1209019

  19. Don’t reinvent the wheel There is a reason for spezialisation

    Solve common problems with spezialized teams 19 https://pxhere.com/de/photo/1235822

  20. Make artifacts and the whole delivery process verifiable Preserve integrity

    of your binaries Use Docker Notary, Grafeas, in-toto, … 20 https://pxhere.com/de/photo/910704

  21. Policy trumps checklists Build your policy into your runtime platform

    Beware of cultural and political implications 21 https://pxhere.com/de/photo/1455413

  22. 22 Keep the ghosts away! 2 2 https://pxhere.com/de/photo/791236

  23. 23 [email protected] 23 http://www.twitter.com/NicolasByl