$30 off During Our Annual Pro Sale. View Details »
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
0
42
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
440
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
72
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
820
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
370
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
180
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
210
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.5k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.1k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
820
Other Decks in Technology
See All in Technology
MLflowダイエット大作戦
lycorptech_jp
PRO
1
110
30分であなたをOmniのファンにしてみせます~分析画面のクリック操作をそのままコード化できるAI-ReadyなBIツール~
sagara
0
140
Lambdaの常識はどう変わる?!re:Invent 2025 before after
iwatatomoya
1
480
Microsoft Agent 365 についてゆっくりじっくり理解する!
skmkzyk
0
290
Sansanが実践する Platform EngineeringとSREの協創
sansantech
PRO
2
840
Haskell を武器にして挑む競技プログラミング ─ 操作的思考から意味モデル思考へ
naoya
6
1.5k
AWS CLIの新しい認証情報設定方法aws loginコマンドの実態
wkm2
6
720
AWS re:Invent 2025で見たGrafana最新機能の紹介
hamadakoji
0
360
非CUDAの悲哀 〜Claude Code と挑んだ image to 3D “Hunyuan3D”を EVO-X2(Ryzen AI Max+395)で動作させるチャレンジ〜
hawkymisc
2
180
Lessons from Migrating to OpenSearch: Shard Design, Log Ingestion, and UI Decisions
sansantech
PRO
1
120
グレートファイアウォールを自宅に建てよう
ctes091x
0
150
コミューンのデータ分析AIエージェント「Community Sage」の紹介
fufufukakaka
0
490
Featured
See All Featured
VelocityConf: Rendering Performance Case Studies
addyosmani
333
24k
How to train your dragon (web standard)
notwaldorf
97
6.4k
How GitHub (no longer) Works
holman
316
140k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
7.9k
The Cost Of JavaScript in 2023
addyosmani
55
9.3k
Typedesign – Prime Four
hannesfritz
42
2.9k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
122
21k
Raft: Consensus for Rubyists
vanstee
141
7.2k
Principles of Awesome APIs and How to Build Them.
keavy
127
17k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
128
54k
Side Projects
sachag
455
43k
Embracing the Ebb and Flow
colly
88
4.9k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
lycorptech_jp
sagara
iwatatomoya
skmkzyk
sansantech
naoya
wkm2
hamadakoji
hawkymisc
ctes091x
fufufukakaka
addyosmani
notwaldorf
holman
eileencodes
hannesfritz
panda_program
vanstee
keavy
aki_iinuma
sachag
colly
