Securing your software supply chain
Nicolas Byl
April 17, 2020
Transcript
1. Securing your software supply chain: Anatomy of a DevSecOps Pipeline
2. Storytime
3. The way of the Code
4. The castle illusion
5. The way of the Code
6. The way of the Code
7. Code reviews
8. Signing git commits
9. The way of the Code
10. The dependency iceberg
11. Automation is king
    Source Code Analysis: FindBugs, SonarQube, SAST/DAST
    Dependency Analysis: Maven, NPM, ...; Container Images; Operating System
    Update Automation: npm audit, Dependabot, Renovate
12. The way of the Code
13. The key to the kingdom
14. Current situation (diagram labels: deploy)
15. Zero-Trust Deployment (diagram labels: IAM, deploy, poll)
16. Policy trumps checks (diagram labels: IAM, deploy, poll)
17. codecentric AG, Kreuznacher Straße 30, 60486 Frankfurt am Main
    Phone: +49 (0) 173.731 02 40
    Nicolas Byl, Senior Cloud Consultant
    [email protected]
    www.codecentric.de
    Innovative - Trustful - Competent - Pragmatic