Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
53
0
Share
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
460
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
94
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
870
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
420
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
200
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
240
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.6k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
860
Other Decks in Technology
See All in Technology
個人最適 から 全体最適 へ AI情報共有会・AIギルド・AI-DLC で進める カンリーの組織展開
rfdnxbro
0
1k
電子辞書Brainをネットに繋げてみた(自力編)
raspython3
0
430
速さだけじゃない! VoidZero ツールが移行先に選ばれる理由
mizdra
PRO
6
730
Dynamic Workersについて
yusukebe
2
570
React、まだ楽しくて草
uhyo
7
3.9k
AI フレンドリーなエラー監視を TypeScript で実現する
shinyaigeek
2
250
Oracle Cloud Infrastructure IaaS 新機能アップデート 2026/3 - 2026/5
oracle4engineer
PRO
1
160
製造業のクラウド活用最適解〜AI,DXを加速するデータ基盤の作り方〜
hamadakoji
0
320
Spring AI × MCP 入門〜AIエージェントへのツール公開、境界設計から始める最小構成 〜
yuyamiyamoto
0
210
ChatworkとBPaaS 異なる特性で学んだAI機能開発の ベストプラクティス
kubell_hr
2
2.3k
「速く作る」から「正しく作る」へ ─ 生成AI時代の開発フロー改革の ロードマップと実行 ─
starfish719
0
5.7k
noUncheckedIndexedAccess、3時間、1万円。 / noUncheckedIndexedAccess, 3 Hours, 10,000 JPY.
kaonavi
0
120
Featured
See All Featured
Navigating the moral maze — ethical principles for Al-driven product design
skipperchong
2
380
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
560
The Art of Programming - Codeland 2020
erikaheidi
57
14k
Producing Creativity
orderedlist
PRO
348
40k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1.4k
The B2B funnel & how to create a winning content strategy
katarinadahlin
PRO
1
380
Scaling GitHub
holman
464
140k
The World Runs on Bad Software
bkeepers
PRO
72
12k
Site-Speed That Sticks
csswizardry
13
1.2k
SEO Brein meetup: CTRL+C is not how to scale international SEO
lindahogenes
1
2.7k
Utilizing Notion as your number one productivity tool
mfonobong
4
310
The Anti-SEO Checklist Checklist. Pubcon Cyber Week
ryanjones
0
150
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
rfdnxbro
raspython3
mizdra
yusukebe
uhyo
shinyaigeek
oracle4engineer
hamadakoji
yuyamiyamoto
kubell_hr
starfish719
kaonavi
skipperchong
chikuwait
erikaheidi
orderedlist
irinanazarova
katarinadahlin
holman
bkeepers
csswizardry
lindahogenes
mfonobong
ryanjones
