Securing your software supply chain
Nicolas Byl
April 17, 2020
Technology
Transcript
1. Securing your software supply chain: Anatomy of a DevSecOps Pipeline
2. Storytime
3. The way of the Code
4. The castle illusion
5. The way of the Code
6. The way of the Code
7. Code reviews
8. Signing git commits
9. The way of the Code
10. The dependency iceberg
11. Automation is king
    • Source Code Analysis: FindBugs, SonarQube, SAST/DAST
    • Dependency Analysis: Maven, NPM, ..., Container Images, Operating System
    • Update Automation: npm audit, Dependabot, Renovate
12. The way of the Code
13. The key to the kingdom
14. Current situation (diagram: deploy)
15. Zero-Trust Deployment (diagram: IAM, deploy, poll)
16. Policy trumps checks (diagram: IAM, deploy, poll)
17. codecentric AG, Kreuznacher Straße 30, 60486 Frankfurt am Main. Phone: +49 (0) 173.731 02 40. Nicolas Byl, Senior Cloud Consultant. www.codecentric.de. Innovative - Trustful - Competent - Pragmatic