Lock in $30 Savings on PRO—Offer Ends Soon! ⏳
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing your software supply chain
Search
Nicolas Byl
April 17, 2020
Technology
0
370
Securing your software supply chain
Nicolas Byl
April 17, 2020
Tweet
Share
More Decks by Nicolas Byl
See All by Nicolas Byl
Platform Engineering ❤️ Developer Experience
nbyl
0
15
Die Flucht aus der Prototypen-Hölle
nbyl
0
43
Lean Prototyping for Industrial-IoT Projects
nbyl
0
48
DevSecOps - Vom Unikum zur gut geölten Maschine
nbyl
0
100
Keeping-Up-WithUpstream.pdf
nbyl
0
170
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
130
Securing the "other" supply chain
nbyl
0
280
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
190
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
130
Other Decks in Technology
See All in Technology
なぜフロントエンド技術を追うのか?なぜカンファレンスに参加するのか?
sakito
9
2k
Design System Documentation Tooling 2025
takanorip
1
930
Bakuraku Engineering Team Deck
layerx
PRO
11
5.8k
手動から自動へ、そしてその先へ
moritamasami
0
190
AI駆動開発によるDDDの実践
dip_tech
PRO
0
290
Docker, Infraestructuras seguras y Hardening
josejuansanchez
0
150
Ryzen NPUにおけるAI Engineプログラミング
anjn
0
220
あなたの知らないDateのひみつ / The Secret of "Date" You Haven't known #tqrk16
expajp
0
110
Multimodal AI Driving Solutions to Societal Challenges
keio_smilab
PRO
1
120
Playwrightのソースコードに見る、自動テストを自動で書く技術
yusukeiwaki
5
2.2k
Claude Code はじめてガイド -1時間で学べるAI駆動開発の基本と実践-
oikon48
43
26k
Master Dataグループ紹介資料
sansan33
PRO
1
4k
Featured
See All Featured
4 Signs Your Business is Dying
shpigford
186
22k
Mobile First: as difficult as doing things right
swwweet
225
10k
The Straight Up "How To Draw Better" Workshop
denniskardys
239
140k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
231
22k
Become a Pro
speakerdeck
PRO
30
5.7k
The Cost Of JavaScript in 2023
addyosmani
55
9.3k
Done Done
chrislema
186
16k
Unsuck your backbone
ammeep
671
58k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
35
3.3k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
700
Building Better People: How to give real-time feedback that sticks.
wjessup
370
20k
Docker and Python
trallard
46
3.7k
Transcript
Securing your software supply chain Anatomie einer DevSecOps Pipeline 1
Storytime 2
3 The way of the Code
The castle illusion 4
5 The way of the Code
6 The way of the Code
Code reviews 7
Signing git commits 8
9 The way of the Code
The dependency iceberg 10
Automation is king 11 • FindBugs • SonarQube • SAST/DAST
• Maven, NPM, ... • Container Images • Operating System • npm audit • Dependabot • Renovate Source Code Analysis Dependency Analysis Update Automation
12 The way of the Code
13 The key to the kingdom
14 Current situation deploy
15 Zero-Trust Deployment IAM deploy poll
16 Policy trumps checks IAM deploy poll
codecentric AG Kreuznacher Straße 30 60486 Frankfurt am Main Telefon:
+49 (0) 173.731 02 40 Nicolas Byl Senior Cloud Consultant
[email protected]
www.codecentric.de Innovative - Trustful - Competent - Pragmatic 17
nbyl
sakito
takanorip
layerx
moritamasami
dip_tech
josejuansanchez
anjn
expajp
keio_smilab
yusukeiwaki
oikon48
sansan33
shpigford
swwweet
denniskardys
danielanewman
speakerdeck
addyosmani
chrislema
ammeep
rmw
bluesmoon
wjessup
trallard
