Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
0
31
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
420
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
58
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
780
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
330
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
160
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
200
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.5k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
790
Other Decks in Technology
See All in Technology
原則から考える保守しやすいComposable関数設計
moriatsushi
3
500
kubellが挑むBPaaSにおける、人とAIエージェントによるサービス開発の最前線と技術展望
kubell_hr
1
390
IAMのマニアックな話 2025を執筆して、 見えてきたAWSアカウント管理の現在
nrinetcom
PRO
4
650
VCpp Link and Library - C++ breaktime 2025 Summer
harukasao
0
220
CI/CDとタスク共有で加速するVibe Coding
tnbe21
0
230
Amazon S3標準/ S3 Tables/S3 Express One Zoneを使ったログ分析
shigeruoda
2
380
Observability infrastructure behind the trillion-messages scale Kafka platform
lycorptech_jp
PRO
0
130
OAuth/OpenID Connectで実現するMCPのセキュアなアクセス管理
kuralab
5
830
生成AIでwebアプリケーションを作ってみた
tajimon
2
120
Snowflake Summit 2025 データエンジニアリング関連新機能紹介 / Snowflake Summit 2025 What's New about Data Engineering
tiltmax3
0
220
Claude Code どこまでも/ Claude Code Everywhere
nwiizo
53
31k
強化されたAmazon Location Serviceによる新機能と開発者体験
dayjournal
2
150
Featured
See All Featured
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Keith and Marios Guide to Fast Websites
keithpitt
411
22k
Into the Great Unknown - MozCon
thekraken
39
1.9k
Why Our Code Smells
bkeepers
PRO
337
57k
How STYLIGHT went responsive
nonsquared
100
5.6k
Bash Introduction
62gerente
614
210k
The World Runs on Bad Software
bkeepers
PRO
68
11k
Building a Modern Day E-commerce SEO Strategy
aleyda
41
7.3k
Unsuck your backbone
ammeep
671
58k
Designing for Performance
lara
609
69k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.3k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
26k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
moriatsushi
kubell_hr
nrinetcom
harukasao
tnbe21
shigeruoda
lycorptech_jp
kuralab
tajimon
tiltmax3
nwiizo
dayjournal
malarkey
keithpitt
thekraken
bkeepers
nonsquared
62gerente
aleyda
ammeep
lara
thoeni
cassininazir
