Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
53
0
Share
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
460
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
94
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
870
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
420
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
200
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
240
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.6k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
860
Other Decks in Technology
See All in Technology
[モダンアプリ勉強会]今更聞けないGit/GitHub入門
tsukuboshi
0
190
AI Engineering Summit Tokyo 2026 AIの前に、やることがある 〜医療データ企業の4フェーズ〜
dtaniwaki
0
1.4k
Djangoユーザが知っ得なPostgreSQL機能 - 設計の選択肢を増やす / Djang-use-PostgreSQL
soudai
PRO
0
110
Oracle AI Database@AWS:サービス概要のご紹介
oracle4engineer
PRO
4
2.8k
個人の発見を、組織の知恵に 〜生成AI活用を"探索"から"組織の仕組み"へ〜
kintotechdev
2
820
ポスター発表&デモと総括 / Poster Presentations & Demonstrations and Summary
ks91
PRO
0
190
イベントストーミングとKiroの仕様駆動開発で実現する要件の認識合わせプロセス
syobochim
7
1.1k
AI活用を推進するために ファインディが下した、一つの小さな決断
starfish719
0
220
Databricks における 生成AIガバナンスの実践
taka_aki
1
280
APIテストとは?
nagix
0
170
OCI Oracle AI Database Services新機能アップデート(2026/03-2026/05)
oracle4engineer
PRO
0
170
地元にいないローカルオーガナイザーの立ち回り
uvb_76
1
450
Featured
See All Featured
Building Better People: How to give real-time feedback that sticks.
wjessup
370
20k
The World Runs on Bad Software
bkeepers
PRO
72
12k
Believing is Seeing
oripsolob
1
140
Bootstrapping a Software Product
garrettdimon
PRO
307
120k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
49
10k
Scaling GitHub
holman
464
140k
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
rkaga
61
44k
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
katarinadahlin
PRO
1
3.6k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
35
3.5k
The Invisible Side of Design
smashingmag
302
52k
Google's AI Overviews - The New Search
badams
0
1k
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
aleyda
1
2.1k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
tsukuboshi
dtaniwaki
soudai
oracle4engineer
kintotechdev
ks91
syobochim
starfish719
taka_aki
nagix
uvb_76
wjessup
bkeepers
oripsolob
garrettdimon
mongodb
holman
rkaga
katarinadahlin
rmw
smashingmag
badams
aleyda
