Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Tsuyoshi Miyake
May 18, 2022
Technology
0
47
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
450
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
78
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
840
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
390
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
180
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
220
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.5k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
830
Other Decks in Technology
See All in Technology
Sansan Engineering Unit 紹介資料
sansan33
PRO
1
3.9k
Webhook best practices for rock solid and resilient deployments
glaforge
1
290
SRE Enabling戦記 - 急成長する組織にSREを浸透させる戦いの歴史
markie1009
0
120
~Everything as Codeを諦めない~ 後からCDK
mu7889yoon
3
390
インフラエンジニア必見!Kubernetesを用いたクラウドネイティブ設計ポイント大全
daitak
1
360
ファインディの横断SREがTakumi byGMOと取り組む、セキュリティと開発スピードの両立
rvirus0817
1
1.4k
顧客との商談議事録をみんなで読んで顧客解像度を上げよう
shibayu36
0
240
Introduction to Sansan for Engineers / エンジニア向け会社紹介
sansan33
PRO
6
68k
SREじゃなかった僕らがenablingを通じて「SRE実践者」になるまでのリアル / SRE Kaigi 2026
aeonpeople
6
2.4k
Azure Durable Functions で作った NL2SQL Agent の精度向上に取り組んだ話/jat08
thara0402
0
190
ZOZOにおけるAI活用の現在 ~開発組織全体での取り組みと試行錯誤~
zozotech
PRO
5
5.6k
こんなところでも(地味に)活躍するImage Modeさんを知ってるかい?- Image Mode for OpenShift -
tsukaman
0
140
Featured
See All Featured
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
35
3.4k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.6k
A brief & incomplete history of UX Design for the World Wide Web: 1989–2019
jct
1
300
The Straight Up "How To Draw Better" Workshop
denniskardys
239
140k
How to Talk to Developers About Accessibility
jct
2
130
Leadership Guide Workshop - DevTernity 2021
reverentgeek
1
200
Building Better People: How to give real-time feedback that sticks.
wjessup
370
20k
Embracing the Ebb and Flow
colly
88
5k
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
baasie
0
230
Speed Design
sergeychernyshev
33
1.5k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
666
130k
How To Speak Unicorn (iThemes Webinar)
marktimemedia
1
380
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
sansan33
glaforge
markie1009
mu7889yoon
daitak
rvirus0817
shibayu36
aeonpeople
thara0402
zozotech
tsukaman
rmw
thoeni
jct
denniskardys
reverentgeek
wjessup
colly
baasie
sergeychernyshev
pedronauck
marktimemedia
