Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
55
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
470
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
95
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
880
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
430
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
210
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
240
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.6k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
870
Other Decks in Technology
See All in Technology
フィジカル版Github Onshapeの紹介
shiba_8ro
0
320
【Snowflake Summit 2026 Recap!!】Snowflake Summit Deep Dive: Security & Governance
civitaspo
1
310
螺旋型キャリアの生存戦略 / kinoko-conf2026
rakus_dev
1
940
AIをフル活用してオンコール機能のプロトタイプを2日で作った話 / Building an AI-Powered On-Call Prototype in Just Two Days
nari_ex
0
110
[AWS Summit Japan 2026]迷っているあなたへ_小さな一歩が、やがて自分を助けてくれる
sh_fk2
2
400
AI Agentをシステムに組み込む前にゆるく向き合ってみる
hayama17
0
130
起点・思考・出力で分解する 〜PM業務の自動化設計〜
kazu_kichi_67
1
1k
5分でわかるDuckDB Quack
chanyou0311
2
250
SONiC Scale-Up Working Group から探る Scale-UpやUltraEthernet機能の実装方法
ebiken
PRO
2
480
生成 AI 実践ガイド (概略版) AIガバナンス編
asei
0
190
クラウドファンディング版StackChan 3体(4体)をインタラクティブな体験型作品にして展示もした話 / スタックチャンお誕生日会2026
you
PRO
0
180
元銀行員がAIだけでアプリを量産!「バイブコーディング実演セミナー 」
tatsuya1970
0
110
Featured
See All Featured
Designing Experiences People Love
moore
143
24k
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
inesmontani
PRO
0
410
Code Reviewing Like a Champion
maltzj
528
40k
My Coaching Mixtape
mlcsv
0
150
Build The Right Thing And Hit Your Dates
maggiecrowley
39
3.2k
Why Your Marketing Sucks and What You Can Do About It - Sophie Logan
marketingsoph
0
170
The Power of CSS Pseudo Elements
geoffreycrofte
82
6.3k
Lessons Learnt from Crawling 1000+ Websites
charlesmeaden
PRO
1
1.3k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
38
2.9k
Leveraging Curiosity to Care for An Aging Population
cassininazir
1
270
Writing Fast Ruby
sferik
630
63k
Java REST API Framework Comparison - PWX 2021
mraible
34
9.4k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!