Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing your software supply chain
Search
Nicolas Byl
April 17, 2020
Technology
0
370
Securing your software supply chain
Nicolas Byl
April 17, 2020
Tweet
Share
More Decks by Nicolas Byl
See All by Nicolas Byl
Platform Engineering ❤️ Developer Experience
nbyl
0
19
Die Flucht aus der Prototypen-Hölle
nbyl
0
44
Lean Prototyping for Industrial-IoT Projects
nbyl
0
54
DevSecOps - Vom Unikum zur gut geölten Maschine
nbyl
0
110
Keeping-Up-WithUpstream.pdf
nbyl
0
170
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
130
Securing the "other" supply chain
nbyl
0
290
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
190
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
130
Other Decks in Technology
See All in Technology
Fashion×AI「似合う」を届けるためのWEARのAI戦略
zozotech
PRO
2
1.1k
会社紹介資料 / Sansan Company Profile
sansan33
PRO
11
390k
接客歴・営業歴の方が長いエンジニアから見たre:Invent2025
yama3133
0
100
【開発を止めるな】機能追加と並行して進めるアーキテクチャ改善/Keep Shipping: Architecture Improvements Without Pausing Dev
bitkey
PRO
1
120
Bedrock AgentCore Evaluationsで学ぶLLM as a judge入門
shichijoyuhi
1
160
20251218_AIを活用した開発生産性向上の全社的な取り組みの進め方について / How to proceed with company-wide initiatives to improve development productivity using AI
yayoi_dd
0
620
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
9.9k
AI との良い付き合い方を僕らは誰も知らない
asei
0
230
半年で、AIゼロ知識から AI中心開発組織の変革担当に至るまで
rfdnxbro
0
120
2025年 開発生産「可能」性向上報告 サイロ解消からチームが能動性を獲得するまで/ 20251216 Naoki Takahashi
shift_evolve
PRO
2
220
Agent Skillsがハーネスの垣根を超える日
gotalab555
6
3.7k
LayerX QA Night#1
koyaman2
0
230
Featured
See All Featured
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
aleyda
1
1.8k
How to Align SEO within the Product Triangle To Get Buy-In & Support - #RIMC
aleyda
1
1.3k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
Leading Effective Engineering Teams in the AI Era
addyosmani
9
1.4k
The Mindset for Success: Future Career Progression
greggifford
PRO
0
190
VelocityConf: Rendering Performance Case Studies
addyosmani
333
24k
Testing 201, or: Great Expectations
jmmastey
46
7.8k
Embracing the Ebb and Flow
colly
88
4.9k
Kristin Tynski - Automating Marketing Tasks With AI
techseoconnect
PRO
0
110
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
120
From π to Pie charts
rasagy
0
89
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
35
3.3k
Transcript
Securing your software supply chain Anatomie einer DevSecOps Pipeline 1
Storytime 2
3 The way of the Code
The castle illusion 4
5 The way of the Code
6 The way of the Code
Code reviews 7
Signing git commits 8
9 The way of the Code
The dependency iceberg 10
Automation is king 11 • FindBugs • SonarQube • SAST/DAST
• Maven, NPM, ... • Container Images • Operating System • npm audit • Dependabot • Renovate Source Code Analysis Dependency Analysis Update Automation
12 The way of the Code
13 The key to the kingdom
14 Current situation deploy
15 Zero-Trust Deployment IAM deploy poll
16 Policy trumps checks IAM deploy poll
codecentric AG Kreuznacher Straße 30 60486 Frankfurt am Main Telefon:
+49 (0) 173.731 02 40 Nicolas Byl Senior Cloud Consultant
[email protected]
www.codecentric.de Innovative - Trustful - Competent - Pragmatic 17
nbyl
zozotech
sansan33
yama3133
bitkey
shichijoyuhi
yayoi_dd
fullkaiten
asei
rfdnxbro
shift_evolve
gotalab555
koyaman2
aleyda
afnizarnur
addyosmani
greggifford
jmmastey
colly
techseoconnect
tammyeverts
rasagy
rmw
