安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...

Tsuyoshi Miyake

May 18, 2022

45

安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog

2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です

Tsuyoshi Miyake

May 18, 2022

Tweet

More Decks by Tsuyoshi Miyake

See All by Tsuyoshi Miyake

JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022

0

440

猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3

0

75

猿でもわかる DevOps / a-monkeys-guide-to-devops

0

820

はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2

0

380

はじめての JFrog Distribution / getting-started-with-jfrog-distribution

0

180

はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines

0

220

はじめての JFrog Xray / getting-started-with-jfrog-xray

0

1.5k

はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory

0

1.2k

はじめての JFrog Platform / getting-started-with-jfrog-platform

0

830

Other Decks in Technology

See All in Technology

MySQLのSpatial(GIS)機能をもっと充実させたい～ MyNA望年会2025LT

0

120

半年で、AIゼロ知識から AI中心開発組織の変革担当に至るまで

0

140

「もしもデータ基盤開発で『強くてニューゲーム』ができたなら今の僕はどんなデータ基盤を作っただろう」

0

250

MySQLとPostgreSQLのコレーション / Collation of MySQL and PostgreSQL

1

1.2k

ソフトウェアエンジニアとAIエンジニアの役割分担についてのある事例

PRO

0

270

New Relic 1 年生の振り返りと Cloud Cost Intelligence について #NRUG

0

240

Strands Agents × インタリーブ思考で変わるAIエージェント設計 / Strands Agents x Interleaved Thinking AI Agents

5

2.1k

Oracle Database@AWS：サービス概要のご紹介

oracle4engineer

PRO

1

410

AWSの新機能をフル活用した「re:Inventエージェント」開発秘話

2

460

SREが取り組むデプロイ高速化 ─ Docker Buildを最適化した話

0

150

20251218_AIを活用した開発生産性向上の全社的な取り組みの進め方について / How to proceed with company-wide initiatives to improve development productivity using AI

0

710

AR Guitar: Expanding Guitar Performance from a Live House to Urban Space

0

230

Featured

See All Featured

brightonSEO & MeasureFest 2025 - Christian Goodrich - Winning strategies for Black Friday CRO & PPC

2

66

Navigating Team Friction

191

16k

The Mindset for Success: Future Career Progression

PRO

0

200

Designing for Performance

610

69k

PRO

0

39

The innovator’s Mindset -  Leading Through an Era of Exponential Change - McGill University 2025

PRO

1

69

How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT

PRO

0

3.4k

So, you think you're a good person

PRO

0

1.8k

AI: The stuff that nobody shows you

PRO

1

26

We Are The Robots

0

120

The Curse of the Amulet

0

4.8k

Let's Do A Bunch of Simple Stuff to Make Websites Faster

508

140k

Transcript

DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake [email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!