Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
0
49
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
450
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
80
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
850
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
400
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
190
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
230
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.6k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
840
Other Decks in Technology
See All in Technology
Oracle Cloud Infrastructure IaaS 新機能アップデート 2025/12 - 2026/2
oracle4engineer
PRO
0
110
モブプログラミング再入門 ー 基本から見直す、AI時代のチーム開発の選択肢 ー / A Re-introduction of Mob Programming
takaking22
5
1.4k
Keycloak を使った SSO で CockroachDB にログインする / CockroachDB SSO with Keycloak
kota2and3kan
0
110
Go標準パッケージのI/O処理をながめる
matumoto
0
190
Kubernetesにおける推論基盤
ry
1
360
kintone開発のプラットフォームエンジニアの紹介
cybozuinsideout
PRO
0
870
Oracle Database@Azure:サービス概要のご紹介
oracle4engineer
PRO
4
1.2k
OCHaCafe S11 #2 コンテナ時代の次の一手:Wasm 最前線
oracle4engineer
PRO
1
120
AWS DevOps Agent vs SRE俺 / AWS DevOps Agent vs me, the SRE
sms_tech
3
570
脳内メモリ、思ったより揮発性だった
koutorino
0
320
「Blue Team Labs Online」入門 - みんなで挑むログ解析バトル
v_avenger
0
160
最強のAIエージェントを諦めたら品質が上がった話 / how quality improved after giving up on the strongest AI agent
kt2mikan
0
170
Featured
See All Featured
The untapped power of vector embeddings
frankvandijk
2
1.6k
Test your architecture with Archunit
thirion
1
2.2k
Amusing Abliteration
ianozsvald
0
130
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
31
3.1k
How STYLIGHT went responsive
nonsquared
100
6k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
16k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
141
35k
The Limits of Empathy - UXLibs8
cassininazir
1
260
Agile Actions for Facilitating Distributed Teams - ADO2019
mkilby
0
150
Dominate Local Search Results - an insider guide to GBP, reviews, and Local SEO
greggifford
PRO
0
100
How Software Deployment tools have changed in the past 20 years
geshan
0
32k
The Spectacular Lies of Maps
axbom
PRO
1
620
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
oracle4engineer
takaking22
kota2and3kan
matumoto
ry
cybozuinsideout
sms_tech
koutorino
v_avenger
kt2mikan
frankvandijk
thirion
ianozsvald
danielanewman
nonsquared
sstephenson
eileencodes
cassininazir
mkilby
greggifford
geshan
axbom
