Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
50
0
Share
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
460
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
83
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
850
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
410
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
190
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
230
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.6k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
840
Other Decks in Technology
See All in Technology
Sansanの認証基盤を支えるアーキテクチャとその振り返り
sansantech
PRO
1
120
SSoT(Single Source of Truth)で「壊して再生」する設計
kawauso
2
400
Kiro Meetup #7 Kiro アップデート (2025/12/15〜2026/3/20)
katzueno
2
270
AIにより大幅に強化された AWS Transform Customを触ってみる
0air
0
250
スケーリングを封じられたEC2を救いたい
senseofunity129
0
130
Bref でサービスを運用している話
sgash708
0
220
CloudFrontのHost Header転送設定でパケットの中身はどう変わるのか?
nagisa53
1
230
JEDAI認定プログラム JEDAI Order 2026 受賞者一覧 / JEDAI Order 2026 Winners
databricksjapan
0
420
Bill One 開発エンジニア 紹介資料
sansan33
PRO
5
18k
Oracle Cloud Infrastructure(OCI):Onboarding Session(はじめてのOCI/Oracle Supportご利⽤ガイド)
oracle4engineer
PRO
2
17k
MIX AUDIO EN BROADCAST
ralpherick
0
140
やさしいとこから始めるGitHubリポジトリのセキュリティ
tsubakimoto_s
3
2.1k
Featured
See All Featured
Measuring & Analyzing Core Web Vitals
bluesmoon
9
800
The untapped power of vector embeddings
frankvandijk
2
1.6k
Fireside Chat
paigeccino
42
3.9k
Accessibility Awareness
sabderemane
0
88
Design in an AI World
tapps
0
190
We Have a Design System, Now What?
morganepeng
55
8.1k
A Guide to Academic Writing Using Generative AI - A Workshop
ks91
PRO
0
250
Leadership Guide Workshop - DevTernity 2021
reverentgeek
1
260
Building Experiences: Design Systems, User Experience, and Full Site Editing
marktimemedia
0
460
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
akashhashmi
0
300
SERP Conf. Vienna - Web Accessibility: Optimizing for Inclusivity and SEO
sarafernandez
2
1.4k
Ethics towards AI in product and experience design
skipperchong
2
240
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
sansantech
kawauso
katzueno
0air
senseofunity129
sgash708
nagisa53
databricksjapan
sansan33
oracle4engineer
ralpherick
tsubakimoto_s
bluesmoon
frankvandijk
paigeccino
sabderemane
tapps
morganepeng
ks91
reverentgeek
marktimemedia
akashhashmi
sarafernandez
skipperchong
