Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing your software supply chain
Search
Nicolas Byl
April 17, 2020
Technology
390
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Securing your software supply chain
Nicolas Byl
April 17, 2020
More Decks by Nicolas Byl
See All by Nicolas Byl
Platform Engineering ❤️ Developer Experience
nbyl
0
55
Die Flucht aus der Prototypen-Hölle
nbyl
0
57
Lean Prototyping for Industrial-IoT Projects
nbyl
0
76
DevSecOps - Vom Unikum zur gut geölten Maschine
nbyl
0
120
Keeping-Up-WithUpstream.pdf
nbyl
0
190
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
150
Securing the "other" supply chain
nbyl
0
320
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
220
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
150
Other Decks in Technology
See All in Technology
Why is RC4 still being used?
tamaiyutaro
0
190
本当の”仕事”を手放せる未来が見えた
mu7889yoon
0
200
AWS Summit Japan 2026の振り返りと2027へ向けて / AWS Summit Japan 2026 Recap and Prospects for 2027
kaminashi
1
110
Multi-Agent並列開発を 安全に回すための技術 / Technology for Safely Multi-Agent Parallel Development
tooppoo
0
220
クラウドファンディング版StackChan 3体(4体)をインタラクティブな体験型作品にして展示もした話 / スタックチャンお誕生日会2026
you
PRO
0
250
『AIに負けない』より『AIと遊ぶ』」〜ワクワクが最強のテスト・QA学習戦略_公開用
odan611
1
110
4人目のSREはAgent
tanimuyk
0
290
攻撃者がいなくてもAIエージェントはインシデントを起こす
nomizone
0
150
“ID沼入口” - 基本とセキュリティから始める、考え続けるためのID管理技術勉強会 告知&イントロ
ritou
0
160
Comment regagner la souveraineté de vos données tout en étant payé grâce à Nostr !
rlifchitz
0
230
脱SaaS!FDEを支えるプロビジョニングと分離設計
knih
0
310
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
11k
Featured
See All Featured
Breaking role norms: Why Content Design is so much more than writing copy - Taylor Woolridge
uxyall
0
330
Why Your Marketing Sucks and What You Can Do About It - Sophie Logan
marketingsoph
0
180
HDC tutorial
michielstock
2
720
JAMstack: Web Apps at Ludicrous Speed - All Things Open 2022
reverentgeek
1
480
Large-scale JavaScript Application Architecture
addyosmani
515
110k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
666
130k
Leveraging Curiosity to Care for An Aging Population
cassininazir
1
280
The innovator’s Mindset - Leading Through an Era of Exponential Change - McGill University 2025
jdejongh
PRO
1
210
Claude Code のすすめ
schroneko
67
230k
Marketing to machines
jonoalderson
1
5.5k
Design in an AI World
tapps
1
250
Building an army of robots
kneath
306
46k
Transcript
Securing your software supply chain Anatomie einer DevSecOps Pipeline 1
Storytime 2
3 The way of the Code
The castle illusion 4
5 The way of the Code
6 The way of the Code
Code reviews 7
Signing git commits 8
9 The way of the Code
The dependency iceberg 10
Automation is king 11 • FindBugs • SonarQube • SAST/DAST
• Maven, NPM, ... • Container Images • Operating System • npm audit • Dependabot • Renovate Source Code Analysis Dependency Analysis Update Automation
12 The way of the Code
13 The key to the kingdom
14 Current situation deploy
15 Zero-Trust Deployment IAM deploy poll
16 Policy trumps checks IAM deploy poll
codecentric AG Kreuznacher Straße 30 60486 Frankfurt am Main Telefon:
+49 (0) 173.731 02 40 Nicolas Byl Senior Cloud Consultant
[email protected]
www.codecentric.de Innovative - Trustful - Competent - Pragmatic 17