Securing your software supply chain
Nicolas Byl
April 17, 2020
Transcript
1. Securing your software supply chain: Anatomy of a DevSecOps Pipeline
2. Storytime
3. The way of the Code
4. The castle illusion
5. The way of the Code
6. The way of the Code
7. Code reviews
8. Signing git commits
9. The way of the Code
10. The dependency iceberg
11. Automation is king
    Source Code Analysis: FindBugs, SonarQube, SAST/DAST
    Dependency Analysis: Maven, NPM, ..., Container Images, Operating System
    Update Automation: npm audit, Dependabot, Renovate
12. The way of the Code
13. The key to the kingdom
14. Current situation (diagram labels: deploy)
15. Zero-Trust Deployment (diagram labels: IAM, deploy, poll)
16. Policy trumps checks (diagram labels: IAM, deploy, poll)
17. codecentric AG, Kreuznacher Straße 30, 60486 Frankfurt am Main. Phone: +49 (0) 173.731 02 40. Nicolas Byl, Senior Cloud Consultant. [email protected]. www.codecentric.de. Innovative - Trustful - Competent - Pragmatic