Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
0
47
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
450
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
78
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
840
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
390
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
180
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
220
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.5k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
830
Other Decks in Technology
See All in Technology
[CV勉強会@関東 World Model 読み会] Orbis: Overcoming Challenges of Long-Horizon Prediction in Driving World Models (Mousakhan+, NeurIPS 2025)
abemii
0
140
ブロックテーマでサイトをリニューアルした話 / 2026-01-31 Kansai WordPress Meetup
torounit
0
470
モダンUIでフルサーバーレスなAIエージェントをAmplifyとCDKでサクッとデプロイしよう
minorun365
4
210
Sansan Engineering Unit 紹介資料
sansan33
PRO
1
3.9k
こんなところでも(地味に)活躍するImage Modeさんを知ってるかい?- Image Mode for OpenShift -
tsukaman
0
140
Digitization部 紹介資料
sansan33
PRO
1
6.8k
AIエージェントを開発しよう!-AgentCore活用の勘所-
yukiogawa
0
170
クレジットカード決済基盤を支えるSRE - 厳格な監査とSRE運用の両立 (SRE Kaigi 2026)
capytan
6
2.8k
SREじゃなかった僕らがenablingを通じて「SRE実践者」になるまでのリアル / SRE Kaigi 2026
aeonpeople
6
2.4k
顧客との商談議事録をみんなで読んで顧客解像度を上げよう
shibayu36
0
240
~Everything as Codeを諦めない~ 後からCDK
mu7889yoon
3
390
プロポーザルに込める段取り八分
shoheimitani
1
280
Featured
See All Featured
Mozcon NYC 2025: Stop Losing SEO Traffic
samtorres
0
140
How to build a perfect <img>
jonoalderson
1
4.9k
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
davidcarrasco
1
53
Bootstrapping a Software Product
garrettdimon
PRO
307
120k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
9.5k
We Have a Design System, Now What?
morganepeng
54
8k
A Soul's Torment
seathinner
5
2.3k
Building Experiences: Design Systems, User Experience, and Full Site Editing
marktimemedia
0
410
Automating Front-end Workflow
addyosmani
1371
200k
Being A Developer After 40
akosma
91
590k
Building a A Zero-Code AI SEO Workflow
portentint
PRO
0
310
Breaking role norms: Why Content Design is so much more than writing copy - Taylor Woolridge
uxyall
0
170
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
abemii
torounit
minorun365
sansan33
tsukaman
yukiogawa
capytan
aeonpeople
shibayu36
mu7889yoon
shoheimitani
samtorres
jonoalderson
davidcarrasco
garrettdimon
aleyda
morganepeng
seathinner
marktimemedia
addyosmani
akosma
portentint
uxyall
