Tweet
Tweet

Slide 1

Slide 1 text

DevSecOps with JFrog Platform

Slide 2

Slide 2 text

2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps Liquid Software § @tsuyoshi_miyake miyaket@jfrog.com

Slide 3

Slide 3 text

3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps

Slide 4

Slide 4 text

• • • 4

Slide 5

Slide 5 text

1 SSC N 5 • • •

Slide 6

Slide 6 text

1 N 6 VCS (Git) CI/CD ??? • • •

Slide 7

Slide 7 text

SSC OSS B C A OSS OSS SSC SSC 7

Slide 8

Slide 8 text

8 • • • •

Slide 9

Slide 9 text

(CVE) by OSS (CVE) Executive Order on Improving the Nation s Cybersecurity CVE 9

Slide 10

Slide 10 text

24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform

Slide 11

Slide 11 text

Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote docker

Slide 12

Slide 12 text

WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)

Slide 13

Slide 13 text

13 PIPELINES > git commit Public Repos IDE Git Repo package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform

Slide 14

Slide 14 text

JFrog 14

Slide 15

Slide 15 text

THANK YOU!