Upgrade to Pro — share decks privately, control downloads, hide ads and more …

アプリケーション開発者目線で語る、明日から始めるDevSecOps

 アプリケーション開発者目線で語る、明日から始めるDevSecOps

ihcomega56

July 21, 2022
Tweet

More Decks by ihcomega56

Other Decks in Technology

Transcript

  1. 12 12 ίʔυ Ϗϧυ ςετ ϦϦʔε σϓϩΠ औΓ૊ΈͷϙΠϯτ ˞ਤ͸ҰྫͰ͢ 4$"

    4"45 %"45 4$" গͳ͍ਓखͰ΋ͳΔ΂͘΍͍ͬͯ͘ʂ • ࣗಈԽ͠ɺ$*$%ύΠϓϥΠϯʹ૊ΈࠐΉ • 4-%$ͷૣ͍ஈ֊Ͱؾ෇͚ΔΑ͏ʹ͢ΔʮγϑτϨϑτʯ • ϦϦʔεલʹ·ͱΊ࣮ͯࢪɺҰఆظؒ͝ͱͷ࣮ࢪͷΈͱ͍ͬͨ Ξϓϩʔν͸໰୊͕େ͖͘ͳΓ͗ͯ͢ରॲ͕େมʹͳΔڪΕ
  2. ࢀߟ • ʮJFrog Xray Security and Compliance of the Open

    Source Software Dependencies You Rely onʯ https://jfrog.com/whitepaper/jfrog-xray-universal-component-analysis/ • ʮDevSecOpsͱ͸ʁʯhttps://jfrog.com/ja/devops-tools/what-is-devsecops/ • DZone 2017-04-24ʮ10 Tips for Integrating Security Into DevOpsʯhttps://dzone.com/articles/10- tips-for-integrating-security-into-devops • TECH+ 2022-02-08 ʮ೔ຊاۀͷ9ׂ͕ʰηΩϡϦςΟਓࡐෆ଍ʹ՝୊ʱ-ถ߽͸1ׂఔ౓ʯ https://news.mynavi.jp/techplus/article/20220208-2267778/ • Department of Defense (DoD) Chief Information OfficerʮDoD Enterprise DevSecOps Reference Designʯ https://dodcio.defense.gov/Portals/0/Documents/DoD%20Enterprise%20DevSecOps%20Reference %20Design%20v1.0_Public%20Release.pdf 22