Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Tsuyoshi Miyake
May 18, 2022
Technology
50
0
Share
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
460
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
83
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
850
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
410
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
190
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
230
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.6k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
840
Other Decks in Technology
See All in Technology
自分をひらくと次のチャレンジの敷居が下がる
sudoakiy
5
1.8k
組織的なAI活用を阻む 最大のハードルは コンテキストデザインだった
ixbox
1
430
今年60歳のおっさんCBになる
kentapapa
1
120
仕様通り動くの先へ。Claude Codeで「使える」を検証する
gotalab555
6
1.9k
OCI技術資料 : ロード・バランサ 概要 - FLB・NLB共通
ocise
4
27k
JSTQB Expert Levelシラバス 「テストマネジメント」日本語版のご紹介
ymty
0
120
【AWS】CloudTrail LakeとCloudWatch Logs Insightsの使い分け方針
tsurunosd
0
130
【関西電力KOI×VOLTMIND 生成AIハッカソン】空間AIブレイン ~⼤阪おばちゃんフィジカルAIに続く道~
tanakaseiya
0
150
Babylon.js を使って試した色々な内容 / Various things I tried using Babylon.js / Babylon.js 勉強会 vol.5
you
PRO
0
230
Data Intelligence Engineering Unit 部門と各ポジション紹介
sansantech
PRO
0
120
建設的な現実逃避のしかた / How to practice constructive escapism
pauli
3
140
AWS DevOps Agent or Kiro の使いどころを考える_20260402
masakiokuda
0
170
Featured
See All Featured
We Have a Design System, Now What?
morganepeng
55
8.1k
A Guide to Academic Writing Using Generative AI - A Workshop
ks91
PRO
1
260
How to make the Groovebox
asonas
2
2.1k
Building Applications with DynamoDB
mza
96
7k
Tips & Tricks on How to Get Your First Job In Tech
honzajavorek
1
480
Claude Code どこまでも/ Claude Code Everywhere
nwiizo
64
54k
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
katarinadahlin
PRO
1
3.5k
jQuery: Nuts, Bolts and Bling
dougneiner
66
8.4k
The Power of CSS Pseudo Elements
geoffreycrofte
82
6.2k
Designing Experiences People Love
moore
143
24k
Being A Developer After 40
akosma
91
590k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
199
73k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
sudoakiy
ixbox
kentapapa
gotalab555
ocise
ymty
tsurunosd
tanakaseiya
you
sansantech
pauli
masakiokuda
morganepeng
ks91
asonas
mza
honzajavorek
nwiizo
katarinadahlin
dougneiner
geoffreycrofte
moore
akosma
soudai
