Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Tsuyoshi Miyake
May 18, 2022
Technology
0
48
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
450
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
79
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
840
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
400
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
190
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
220
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.6k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
840
Other Decks in Technology
See All in Technology
Bill One 開発エンジニア 紹介資料
sansan33
PRO
5
18k
全自動で回せ!Claude Codeマーケットプレイス運用術
yukyu30
3
140
研究開発部メンバーの働き⽅ / Sansan R&D Profile
sansan33
PRO
4
22k
競争優位を生み出す戦略的内製開発の実践技法
masuda220
PRO
2
490
プロダクト開発の品質を守るAIコードレビュー:事例に見る導入ポイント
moongift
PRO
1
540
技術キャッチアップ効率化を実現する記事推薦システムの構築
yudai00
2
150
Introduction to Sansan Meishi Maker Development Engineer
sansan33
PRO
0
360
Webアクセシビリティ技術と実装の実際
tomokusaba
0
130
AI が Approve する開発フロー / How AI Reviewers Accelerate Our Development
zaimy
1
220
【SLO】"多様な期待値" と向き合ってみた
z63d
2
210
名刺メーカーDevグループ 紹介資料
sansan33
PRO
0
1.1k
What's new in Go 1.26?
ciarana
2
250
Featured
See All Featured
Scaling GitHub
holman
464
140k
What the history of the web can teach us about the future of AI
inesmontani
PRO
1
450
エンジニアに許された特別な時間の終わり
watany
106
230k
Sam Torres - BigQuery for SEOs
techseoconnect
PRO
0
210
Java REST API Framework Comparison - PWX 2021
mraible
34
9.2k
We Are The Robots
honzajavorek
0
190
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
inesmontani
PRO
0
250
For a Future-Friendly Web
brad_frost
183
10k
How to build a perfect <img>
jonoalderson
1
5.2k
Are puppies a ranking factor?
jonoalderson
1
3k
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
soudai
PRO
62
50k
Test your architecture with Archunit
thirion
1
2.2k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
SiteGround - Reliable hosting with speed, security, and support you can count on.
tsuyo
sansan33
yukyu30
masuda220
moongift
yudai00
tomokusaba
zaimy
z63d
ciarana
holman
inesmontani
watany
techseoconnect
mraible
honzajavorek
brad_frost
jonoalderson
soudai
thirion
