Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing your software supply chain
Search
Nicolas Byl
April 17, 2020
Technology
0
370
Securing your software supply chain
Nicolas Byl
April 17, 2020
Tweet
Share
More Decks by Nicolas Byl
See All by Nicolas Byl
Platform Engineering ❤️ Developer Experience
nbyl
0
25
Die Flucht aus der Prototypen-Hölle
nbyl
0
45
Lean Prototyping for Industrial-IoT Projects
nbyl
0
61
DevSecOps - Vom Unikum zur gut geölten Maschine
nbyl
0
110
Keeping-Up-WithUpstream.pdf
nbyl
0
170
Dr. Kube und der Helm - Anatomie einer CD-Pipeline
nbyl
0
130
Securing the "other" supply chain
nbyl
0
290
Kubernetes - Auf die Cluster, Fertig, Los!
nbyl
0
200
Helm - Kubernetes Deployments richtig gemacht
nbyl
0
130
Other Decks in Technology
See All in Technology
手軽に作れる電卓を作って イベントソーシングに親しもう CQRS+ESカンファレンス2026
akinoriakatsuka
0
440
名刺メーカーDevグループ 紹介資料
sansan33
PRO
0
1k
チームで安全にClaude Codeを利用するためのプラクティス / team-claude-code-practices
tomoki10
7
3.4k
歴史から学ぶ、Goのメモリ管理基礎
logica0419
14
2.8k
「違う現場で格闘する二人」——社内コミュニティがつないだトヨタ流アジャイルの実践とその先
shinichitakeuchi
0
440
Oracle Database@Google Cloud:サービス概要のご紹介
oracle4engineer
PRO
1
930
純粋なイミュータブルモデルを設計してからイベントソーシングと組み合わせるDeciderの実践方法の紹介 /Introducing Decider Pattern with Event Sourcing
tomohisa
1
1.2k
サラリーマンソフトウェアエンジニアのキャリア
yuheinakasaka
41
19k
クラウドセキュリティの進化 — AWSの20年を振り返る
kei4eva4
0
120
プロンプトエンジニアリングを超えて:自由と統制のあいだでつくる Platform × Context Engineering
yuriemori
0
460
形式手法特論:コンパイラの「正しさ」は証明できるか? #burikaigi / BuriKaigi 2026
ytaka23
17
6.2k
Proxmoxで作る自宅クラウド入門
koinunopochi
0
140
Featured
See All Featured
Build The Right Thing And Hit Your Dates
maggiecrowley
38
3k
Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf
baasie
0
430
Six Lessons from altMBA
skipperchong
29
4.1k
The browser strikes back
jonoalderson
0
310
The Limits of Empathy - UXLibs8
cassininazir
1
200
Statistics for Hackers
jakevdp
799
230k
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
davidcarrasco
0
47
Into the Great Unknown - MozCon
thekraken
40
2.2k
4 Signs Your Business is Dying
shpigford
187
22k
Marketing to machines
jonoalderson
1
4.5k
How to Align SEO within the Product Triangle To Get Buy-In & Support - #RIMC
aleyda
1
1.4k
Accessibility Awareness
sabderemane
0
35
Transcript
Securing your software supply chain Anatomie einer DevSecOps Pipeline 1
Storytime 2
3 The way of the Code
The castle illusion 4
5 The way of the Code
6 The way of the Code
Code reviews 7
Signing git commits 8
9 The way of the Code
The dependency iceberg 10
Automation is king 11 • FindBugs • SonarQube • SAST/DAST
• Maven, NPM, ... • Container Images • Operating System • npm audit • Dependabot • Renovate Source Code Analysis Dependency Analysis Update Automation
12 The way of the Code
13 The key to the kingdom
14 Current situation deploy
15 Zero-Trust Deployment IAM deploy poll
16 Policy trumps checks IAM deploy poll
codecentric AG Kreuznacher Straße 30 60486 Frankfurt am Main Telefon:
+49 (0) 173.731 02 40 Nicolas Byl Senior Cloud Consultant
[email protected]
www.codecentric.de Innovative - Trustful - Competent - Pragmatic 17
nbyl
akinoriakatsuka
sansan33
tomoki10
logica0419
shinichitakeuchi
oracle4engineer
tomohisa
yuheinakasaka
kei4eva4
yuriemori
ytaka23
.jpeg){kind=avatar}
koinunopochi
maggiecrowley
baasie
skipperchong
jonoalderson
cassininazir
jakevdp
davidcarrasco
thekraken
shpigford
aleyda
sabderemane
