Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing your software supply chain
Search
Nicolas Byl
April 17, 2020
Technology
390
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Securing your software supply chain
Nicolas Byl
April 17, 2020
More Decks by Nicolas Byl
See All by Nicolas Byl
Platform Engineering ❤️ Developer Experience
nbyl
0
53
Die Flucht aus der Prototypen-Hölle
nbyl
0
57
Lean Prototyping for Industrial-IoT Projects
nbyl
0
76
DevSecOps - Vom Unikum zur gut geölten Maschine
nbyl
0
120
Keeping-Up-WithUpstream.pdf
nbyl
0
190
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
150
Securing the "other" supply chain
nbyl
0
320
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
220
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
150
Other Decks in Technology
See All in Technology
Cloud Run のアップデート 触ってみる&紹介
gre212
0
320
Claude code Orchestra
ozakiomumkj
3
980
データ基盤をDataformで整えた話 〜 開発環境を添えて 〜
takapy
0
120
ブロックチェーン / Blockchain
ks91
PRO
0
110
Amazon Bedrock AgentCore ワークショップ JAWS UG TOHOKU / amazon-bedrock-agentcore-workshop-jawsug-tohoku-2026
gawa
8
360
個人最適 から 全体最適 へ AI情報共有会・AIギルド・AI-DLC で進める カンリーの組織展開
rfdnxbro
0
1.7k
Platform Engineering as a Product: Criteria for Improvement and Multi-Tenant Design
kumorn5s
0
510
Ruby::Boxでできること、Refinementsでできること
joker1007
3
400
Dario Amodi『Policy on the AI Exponential』を理解する
nagatsu
0
190
関西に縁あるMicrosoft MVPsが語るCopilotの未来
kasada
0
1.2k
AIプラットフォームを運用し続けるための可観測性
tanimuyk
4
1.1k
トークン数だけでは測れない — Claude Code 組織展開の効果検証から学んだこと
makikub
0
130
Featured
See All Featured
Leveraging Curiosity to Care for An Aging Population
cassininazir
1
260
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.5k
Art, The Web, and Tiny UX
lynnandtonic
304
22k
Game over? The fight for quality and originality in the time of robots
wayneb77
1
190
Context Engineering - Making Every Token Count
addyosmani
9
940
Lightning Talk: Beautiful Slides for Beginners
inesmontani
PRO
2
570
Digital Ethics as a Driver of Design Innovation
axbom
PRO
1
300
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.3k
Designing Experiences People Love
moore
143
24k
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
techseoconnect
PRO
0
180
Mind Mapping
helmedeiros
PRO
1
240
Conquering PDFs: document understanding beyond plain text
inesmontani
PRO
4
2.8k
Transcript
Securing your software supply chain Anatomie einer DevSecOps Pipeline 1
Storytime 2
3 The way of the Code
The castle illusion 4
5 The way of the Code
6 The way of the Code
Code reviews 7
Signing git commits 8
9 The way of the Code
The dependency iceberg 10
Automation is king 11 • FindBugs • SonarQube • SAST/DAST
• Maven, NPM, ... • Container Images • Operating System • npm audit • Dependabot • Renovate Source Code Analysis Dependency Analysis Update Automation
12 The way of the Code
13 The key to the kingdom
14 Current situation deploy
15 Zero-Trust Deployment IAM deploy poll
16 Policy trumps checks IAM deploy poll
codecentric AG Kreuznacher Straße 30 60486 Frankfurt am Main Telefon:
+49 (0) 173.731 02 40 Nicolas Byl Senior Cloud Consultant
[email protected]
www.codecentric.de Innovative - Trustful - Competent - Pragmatic 17
nbyl
gre212
ozakiomumkj
takapy
ks91
gawa
rfdnxbro
kumorn5s
joker1007
nagatsu
kasada
tanimuyk
makikub
cassininazir
sergeychernyshev
lynnandtonic
wayneb77
addyosmani
inesmontani
axbom
ivargrimstad
moore
techseoconnect
helmedeiros
