Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
Search
Tsuyoshi Miyake
May 18, 2022
Technology
0
16
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
310
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
21
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
680
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
220
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
140
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
160
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.3k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
790
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
730
Other Decks in Technology
See All in Technology
VS CodeでAWSを操作しよう
smt7174
7
1.6k
どうするコスト最適化のトレードオフ
tetsuyaooooo
1
480
Azure犬駆動開発の記録/GlobalAzureFukuoka2024_20240420
nina01
1
200
ChatGPT for IT Service Management (IT Pro)
dahatake
7
1.5k
最近たまに見かけるTiDBってなんだ? - Findy
pingcap0315
2
760
チームでロジカルシンキングに改めて向き合っている話 〜学習環境と実践⽅法〜
sansantech
PRO
1
1.1k
FrontDoorとWebAppsを組み合わせた際のリダイレクト処理の注意点
kenichirokimura
1
480
ワールドカフェI /チューターを改良する / World Café I and Improving the Tutors
ks91
PRO
0
110
Databricks における 『MLOps』
databricksjapan
2
160
エンジニア候補者向け資料2024.04.24.pdf
macloud
0
3.3k
開発生産性向上サービスを作るFindyが自分たちで開発生産性を爆上げした組織づくりの歩み / Findy's path to boosting its own development productivity 2024-04-17
ma3tk
3
600
Kernel MemoryでAzure OpenAI Serviceとお手軽データソース連携
mitsuzono
1
180
Featured
See All Featured
No one is an island. Learnings from fostering a developers community.
thoeni
16
2.1k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
14
1.5k
Building a Modern Day E-commerce SEO Strategy
aleyda
17
6.4k
A better future with KSS
kneath
231
16k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
226
51k
RailsConf 2023
tenderlove
3
540
Designing for humans not robots
tammielis
248
25k
Bootstrapping a Software Product
garrettdimon
PRO
302
110k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
21
1.6k
Web Components: a chance to create the future
zenorocha
305
41k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
2
1.3k
Bash Introduction
62gerente
604
210k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!