Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Tsuyoshi Miyake
May 18, 2022
Technology
55
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
470
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
95
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
880
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
430
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
210
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
240
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.6k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
870
Other Decks in Technology
See All in Technology
iOS アプリの「これって不具合ですか?」を AI に調べてもらう
miichan
0
140
自宅LLMの話
jacopen
1
720
AWS Security Hub CSPMの成功・失敗体験
cmusudakeisuke
0
540
螺旋型キャリアの生存戦略 / kinoko-conf2026
rakus_dev
1
940
フルAIで個人開発して学んだあれこれ / yuruai vol.1
isaoshimizu
0
110
AIをフル活用してオンコール機能のプロトタイプを2日で作った話 / Building an AI-Powered On-Call Prototype in Just Two Days
nari_ex
0
120
【Snowflake Summit 2026 Recap!!】Snowflake Summit Deep Dive: Security & Governance
civitaspo
1
310
5分でわかるDuckDB Quack
chanyou0311
2
250
いまさら聞けない「仕様駆動開発入門」 〜AI活用時代の開発プロセスを考える〜
findy_eventslides
2
200
BPaaSで進むAIオペレーションの現在地 AI実装が効く領域とスケーラビリティの選定と実装
kentarofujii
0
150
攻撃者視点で考えるDetection Engineering
cryptopeg
3
2.1k
自分が詳しくない領域でAIを使う #プロヒス2026
konifar
20
7.4k
Featured
See All Featured
Building AI with AI
inesmontani
PRO
1
1.1k
Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf
baasie
0
590
Paper Plane
katiecoart
PRO
1
52k
Organizational Design Perspectives: An Ontology of Organizational Design Elements
kimpetersen
PRO
1
750
What the history of the web can teach us about the future of AI
inesmontani
PRO
1
620
Writing Fast Ruby
sferik
630
63k
GraphQLの誤解/rethinking-graphql
sonatard
75
12k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
220
Product Roadmaps are Hard
iamctodd
PRO
55
12k
Git: the NoSQL Database
bkeepers
PRO
432
67k
Fashionably flexible responsive web design (full day workshop)
malarkey
408
66k
Utilizing Notion as your number one productivity tool
mfonobong
4
330
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!