Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
0
41
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
430
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
70
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
810
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
370
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
170
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
210
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.5k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.1k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
820
Other Decks in Technology
See All in Technology
レガシーシステム刷新における TypeSpec スキーマ駆動開発のすゝめ
tsukuha
4
870
Digitization部 紹介資料
sansan33
PRO
1
6k
プラットフォームエンジニアリングとは何であり、なぜプラットフォームエンジニアリングなのか
doublemarket
0
370
メッセージ駆動が可能にする結合の最適化
j5ik2o
9
1.7k
日経電子版の BCP への取り組みについて/mediajaws1121
nikkei_engineer_recruiting
0
110
生成AIシステムとAIエージェントに関する性能や安全性の評価
shibuiwilliam
2
260
変わるもの、変わらないもの :OSSアーキテクチャで実現する持続可能なシステム
gree_tech
PRO
0
1.2k
機械学習を「社会実装」するということ 2025年冬版 / Social Implementation of Machine Learning November 2025 Version
moepy_stats
4
890
AWS re:Invent 2025 で頻出の 生成 AI サービスをおさらい
komakichi
3
260
type-challenges を全問解いたのでエッセンスと推し問題を紹介してみる
kworkdev
PRO
0
130
MAP-7thplaceSolution
yukichi0403
2
190
All About Sansan – for New Global Engineers
sansan33
PRO
1
1.3k
Featured
See All Featured
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
36
6.1k
How to train your dragon (web standard)
notwaldorf
97
6.4k
The Cost Of JavaScript in 2023
addyosmani
55
9.3k
Java REST API Framework Comparison - PWX 2021
mraible
34
9k
Agile that works and the tools we love
rasmusluckow
331
21k
Leading Effective Engineering Teams in the AI Era
addyosmani
8
1.2k
Thoughts on Productivity
jonyablonski
73
4.9k
Build your cross-platform service in a week with App Engine
jlugia
234
18k
It's Worth the Effort
3n
187
29k
Facilitating Awesome Meetings
lara
57
6.6k
Music & Morning Musume
bryan
46
7k
Scaling GitHub
holman
464
140k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
tsukuha
sansan33
doublemarket
j5ik2o
nikkei_engineer_recruiting
shibuiwilliam
gree_tech
moepy_stats
komakichi
kworkdev
yukichi0403
kevinliebholz
notwaldorf
addyosmani
mraible
rasmusluckow
jonyablonski
jlugia
3n
lara
bryan
holman
