Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
0
33
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
420
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
65
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
800
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
350
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
170
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
200
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.5k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
810
Other Decks in Technology
See All in Technology
工業高校で学習したとあるエンジニアのキャリアの話
shirayanagiryuji
0
130
EKS Pod Identity における推移的な session tags
z63d
1
190
夢の印税生活 / Life on Royalties
tmtms
0
250
Amazon Inspector コードセキュリティで手軽に実現するシフトレフト
maimyyym
0
150
メルカリIBIS:AIが拓く次世代インシデント対応
0gm
2
490
Observability for LLM Application lifecycle
ivry_presentationmaterials
1
180
生成AIによるソフトウェア開発の収束地点 - Hack Fes 2025
vaaaaanquish
35
16k
我々は雰囲気で仕事をしている / How can we do vibe coding as well
naospon
2
170
プロダクトエンジニアリングで開発の楽しさを拡張する話
barometrica
0
220
Oracle Exadata Database Service on Cloud@Customer X11M (ExaDB-C@C) サービス概要
oracle4engineer
PRO
2
6.4k
【OptimizationNight】数理最適化のラストワンマイルとしてのUIUX
brainpadpr
2
580
文字列の並び順 / String Collation
tmtms
1
120
Featured
See All Featured
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
1.1k
Rails Girls Zürich Keynote
gr2m
95
14k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
36
2.5k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
StorybookのUI Testing Handbookを読んだ
zakiyama
30
6k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
Become a Pro
speakerdeck
PRO
29
5.5k
The Cost Of JavaScript in 2023
addyosmani
53
8.8k
We Have a Design System, Now What?
morganepeng
53
7.7k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
110
20k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
33
2.4k
Optimising Largest Contentful Paint
csswizardry
37
3.4k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!