Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
0
47
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
450
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
78
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
840
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
390
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
180
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
220
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.5k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
830
Other Decks in Technology
See All in Technology
Context Engineeringの取り組み
nutslove
0
350
20260204_Midosuji_Tech
takuyay0ne
1
160
プロダクト成長を支える開発基盤とスケールに伴う課題
yuu26
4
1.3k
10Xにおける品質保証活動の全体像と改善 #no_more_wait_for_test
nihonbuson
PRO
2
290
Digitization部 紹介資料
sansan33
PRO
1
6.8k
ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか
mikimatsumoto
0
230
Introduction to Bill One Development Engineer
sansan33
PRO
0
360
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
10k
AIと新時代を切り拓く。これからのSREとメルカリIBISの挑戦
0gm
0
1.2k
CDK対応したAWS DevOps Agentを試そう_20260201
masakiokuda
1
300
生成AIを活用した音声文字起こしシステムの2つの構築パターンについて
miu_crescent
PRO
2
200
コミュニティが変えるキャリアの地平線:コロナ禍新卒入社のエンジニアがAWSコミュニティで見つけた成長の羅針盤
kentosuzuki
0
110
Featured
See All Featured
Learning to Love Humans: Emotional Interface Design
aarron
275
41k
Unlocking the hidden potential of vector embeddings in international SEO
frankvandijk
0
170
Leveraging LLMs for student feedback in introductory data science courses - posit::conf(2025)
minecr
0
140
jQuery: Nuts, Bolts and Bling
dougneiner
65
8.4k
HDC tutorial
michielstock
1
380
Collaborative Software Design: How to facilitate domain modelling decisions
baasie
0
140
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
How to Align SEO within the Product Triangle To Get Buy-In & Support - #RIMC
aleyda
1
1.4k
The Straight Up "How To Draw Better" Workshop
denniskardys
239
140k
Designing for Performance
lara
610
70k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
1.7k
Building a Modern Day E-commerce SEO Strategy
aleyda
45
8.7k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
nutslove
takuyay0ne
yuu26
nihonbuson
sansan33
mikimatsumoto
fullkaiten
0gm
masakiokuda
miu_crescent
kentosuzuki
aarron
frankvandijk
minecr
dougneiner
michielstock
baasie
marcelosomers
aleyda
denniskardys
lara
honnibal
