Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing the "other" supply chain

Nicolas Byl
May 15, 2019
Technology
0
180

Securing the "other" supply chain

Nicolas Byl

May 15, 2019
Tweet

More Decks by Nicolas Byl

See All by Nicolas Byl
Lean Prototyping for Industrial-IoT Projects
nbyl
0
13
DevSecOps - Vom Unikum zur gut geölten Maschine
nbyl
0
31
Securing your software supply chain
nbyl
0
180
Keeping-Up-WithUpstream.pdf
nbyl
0
60
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
63
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
84
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
66
It's the developers, stupid!
nbyl
0
100
Das Gruselkabinett des Dr. Kube
nbyl
0
190

Other Decks in Technology

See All in Technology
ITエンジニアとして大切にしている3つのこと
korodroid
1
480
人生がときめく自宅ネットワークの魔法
tatematsu_san
1
610
Exciting WebPageTest Scripting - WebPerf Meetup Hamburg, 20230323
tbaldauf
0
130
How Much Should Staff+ Code? StaffPlus NYC 2023
jkebertz
0
100
Webアプリケーション設計の第一歩は
ディレクトリの整理から / Encraft 1
okunokentaro
22
6.4k
軽率に休学したら Babylon.js×WebARで 夢を3つ叶えてた / my dreams with babylon.js and WebAR
drumath2237
0
130
Win Testing Trophy Easily / テスティングトロフィーを獲得する / PHPerKaigi 2023
k1low
2
190
Pain-free APIs with Smithy4s
kubukoz
0
150
ちょっとわかるWindows Autopilot
shao1555
1
280
関数型で表現するイベントソーシングの実装とその教育
tomohisa
0
190
他言語と比較して今こそ理解しよう! 目指せ、列挙型マスター!
soachr
0
110
ZOZOTOWNの検索APIにキャッシュを導入、実装時の工夫や効果について
sattosan
0
340

Featured

See All Featured
5 minutes of I Can Smell Your CMS
philhawksworth
198
18k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
152
13k
Web Components: a chance to create the future
zenorocha
304
41k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
22
1.8k
A designer walks into a library…
pauljervisheath
199
16k
Building Adaptive Systems
keathley
28
1.4k
VelocityConf: Rendering Performance Case Studies
addyosmani
317
22k
Adopting Sorbet at Scale
ufuk
65
7.9k
KATA
mclloyd
12
10k
Mobile First: as difficult as doing things right
swwweet
213
7.9k
Creatively Recalculating Your Daily Design Routine
revolveconf
207
11k
Music & Morning Musume
bryan
37
4.7k

Transcript

  1. 1
    Nicolas Byl, DevOpsDays Zürich

    View Slide

  2. 2
    Storytime
    2
    https://pxhere.com/de/photo/237

    View Slide

  3. 3
    Checklists
    3
    https://pxhere.com/de/photo/1455425

    View Slide

  4. 4
    Compliance
    4

    View Slide

  5. 5
    5

    View Slide

  6. 6
    The castle illusion
    6
    https://pxhere.com/de/photo/852079

    View Slide

  7. 7
    7

    View Slide

  8. 8
    8
    source code binary

    View Slide

  9. 9
    Binary Authorization
    9
    https://pxhere.com/de/photo/662108

    View Slide

  10. 10
    1
    0
    signature
    verify

    View Slide

  11. 11
    build signature
    1
    dependency check
    static code analysis
    QA tests successful
    release manager sign-off
    2
    3
    4
    5
    11
    1
    1
    https://pxhere.com/de/photo/661983

    View Slide

  12. 12
    Demo
    1
    2
    https://pxhere.com/de/photo/237

    View Slide

  13. 13
    Emergencies
    1
    3
    https://pxhere.com/de/photo/499662

    View Slide

  14. 14
    Logging is not enough
    1
    Break-glass deployments should trigger an action
    Abuse must be sanctioned
    A tool for emergency situations
    2
    3
    4
    14
    1
    4
    https://pxhere.com/de/photo/33077

    View Slide

  15. 15
    Demo
    1
    5
    https://pxhere.com/de/photo/1140826

    View Slide

  16. 16
    How to introduce
    these concepts?
    Blockchain?
    1
    6
    https://pxhere.com/de/photo/237

    View Slide

  17. 17
    [email protected]
    17
    http://www.twitter.com/NicolasByl

    View Slide