Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing your software supply chain
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Nicolas Byl
April 17, 2020
Technology
0
380
Securing your software supply chain
Nicolas Byl
April 17, 2020
Tweet
Share
More Decks by Nicolas Byl
See All by Nicolas Byl
Platform Engineering ❤️ Developer Experience
nbyl
0
34
Die Flucht aus der Prototypen-Hölle
nbyl
0
50
Lean Prototyping for Industrial-IoT Projects
nbyl
0
69
DevSecOps - Vom Unikum zur gut geölten Maschine
nbyl
0
110
Keeping-Up-WithUpstream.pdf
nbyl
0
180
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
140
Securing the "other" supply chain
nbyl
0
300
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
200
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
140
Other Decks in Technology
See All in Technology
Datadog Cloud Cost Management で実現するFinOps
taiponrock
PRO
0
130
トラブルの大半は「言ってない」x「言ってない」じゃねーか!!
ichimichi
0
300
Snowflake Night #2 LT
taromatsui_cccmkhd
0
320
AI が Approve する開発フロー / How AI Reviewers Accelerate Our Development
zaimy
1
260
LY Tableauでの Tableau x AIの実践 (at Tableau Now! - 2026-02-26)
yoshitakaarakawa
0
1.2k
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
10k
Sansan Engineering Unit 紹介資料
sansan33
PRO
1
4k
ブラックボックス観測に基づくAI支援のプロトコルのリバースエンジニアリングと再現 ~AIを用いたリバースエンジニアリング~ @ SECCON 14 電脳会議 / Reverse Engineering and Reproduction of an AI-Assisted Protocol Based on Black-Box Observation @ SECCON 14 DENNO-KAIGI
chibiegg
0
130
Eight Engineering Unit 紹介資料
sansan33
PRO
1
6.9k
What's new in Go 1.26?
ciarana
2
280
Windows ネットワークを再確認する
murachiakira
PRO
0
250
Security Diaries of an Open Source IAM
ahus1
0
190
Featured
See All Featured
The Curious Case for Waylosing
cassininazir
0
260
Building Applications with DynamoDB
mza
96
6.9k
The Pragmatic Product Professional
lauravandoore
37
7.2k
Large-scale JavaScript Application Architecture
addyosmani
515
110k
How To Speak Unicorn (iThemes Webinar)
marktimemedia
1
400
Automating Front-end Workflow
addyosmani
1370
200k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
35
2.4k
The World Runs on Bad Software
bkeepers
PRO
72
12k
The Language of Interfaces
destraynor
162
26k
GraphQLとの向き合い方2022年版
quramy
50
14k
The Cost Of JavaScript in 2023
addyosmani
55
9.7k
What does AI have to do with Human Rights?
axbom
PRO
1
2k
Transcript
Securing your software supply chain Anatomie einer DevSecOps Pipeline 1
Storytime 2
3 The way of the Code
The castle illusion 4
5 The way of the Code
6 The way of the Code
Code reviews 7
Signing git commits 8
9 The way of the Code
The dependency iceberg 10
Automation is king 11 • FindBugs • SonarQube • SAST/DAST
• Maven, NPM, ... • Container Images • Operating System • npm audit • Dependabot • Renovate Source Code Analysis Dependency Analysis Update Automation
12 The way of the Code
13 The key to the kingdom
14 Current situation deploy
15 Zero-Trust Deployment IAM deploy poll
16 Policy trumps checks IAM deploy poll
codecentric AG Kreuznacher Straße 30 60486 Frankfurt am Main Telefon:
+49 (0) 173.731 02 40 Nicolas Byl Senior Cloud Consultant
[email protected]
www.codecentric.de Innovative - Trustful - Competent - Pragmatic 17
SiteGround - Reliable hosting with speed, security, and support you can count on.
nbyl
taiponrock
ichimichi
taromatsui_cccmkhd
zaimy
yoshitakaarakawa
fullkaiten
sansan33
chibiegg
ciarana
murachiakira
ahus1
cassininazir
mza
lauravandoore
addyosmani
marktimemedia
marcduiker
bkeepers
destraynor
quramy
axbom
