Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
0
49
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
450
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
82
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
850
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
400
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
190
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
230
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.6k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
840
Other Decks in Technology
See All in Technology
AlloyDB 奮闘記
hatappi
0
150
2026-03-11 JAWS-UG 茨城 #12 改めてALBを便利に使う
masasuzu
2
400
フロントエンド刷新 4年間の軌跡
yotahada3
0
500
WebアクセシビリティをCI/CDで担保する ― axe DevTools × Playwright C#実践ガイド
tomokusaba
2
180
非情報系研究者へ送る Transformer入門
rishiyama
15
8.9k
"作る"から"使われる"へ:Backstage 活用の現在地
sbtechnight
0
190
TypeScript 7.0の現在地と備え方
uhyo
7
1.8k
脳内メモリ、思ったより揮発性だった
koutorino
0
380
Cortex Code CLI と一緒に進めるAgentic Data Engineering
__allllllllez__
0
430
Zero Data Loss Autonomous Recovery Service サービス概要
oracle4engineer
PRO
2
13k
僕、S3 シンプルって名前だけど全然シンプルじゃありません よろしくお願いします
yama3133
1
230
visionOS 開発向けの MCP / Skills をつくり続けることで XR の探究と学習を最大化
karad
1
640
Featured
See All Featured
JAMstack: Web Apps at Ludicrous Speed - All Things Open 2022
reverentgeek
1
390
GitHub's CSS Performance
jonrohan
1032
470k
Everyday Curiosity
cassininazir
0
170
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
12
1.1k
Visualization
eitanlees
150
17k
Become a Pro
speakerdeck
PRO
31
5.8k
Exploring the relationship between traditional SERPs and Gen AI search
raygrieselhuber
PRO
2
3.7k
Music & Morning Musume
bryan
47
7.1k
Embracing the Ebb and Flow
colly
88
5k
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
baasie
0
260
So, you think you're a good person
axbom
PRO
2
2k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
133
19k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
hatappi
masasuzu
yotahada3
tomokusaba
rishiyama
sbtechnight
uhyo
koutorino
__allllllllez__
oracle4engineer
yama3133
karad
reverentgeek
jonrohan
cassininazir
tammyeverts
eitanlees
speakerdeck
raygrieselhuber
bryan
colly
baasie
axbom
morganepeng
