Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
0
42
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
Tweet
Share
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
430
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
72
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
820
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
370
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
180
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
210
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.5k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.1k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
820
Other Decks in Technology
See All in Technology
pmconf2025 - データを活用し「価値」へ繋げる
glorypulse
0
630
Agentic AI Patterns and Anti-Patterns
glaforge
1
150
Agents IA : la nouvelle frontière des LLMs (Tech.Rocks Summit 2025)
glaforge
0
460
Gemini でコードレビュー知見を見える化
zozotech
PRO
1
120
著者と読み解くAIエージェント現場導入の勘所 Lancers TechBook#2
smiyawaki0820
11
5.4k
Security Diaries of an Open Source IAM
ahus1
0
130
Ruby で作る大規模イベントネットワーク構築・運用支援システム TTDB
taketo1113
1
110
AWS Bedrock AgentCoreで作る 1on1支援AIエージェント 〜Memory × Evaluationsによる実践開発〜
yusukeshimizu
4
270
世界最速級 memcached 互換サーバー作った
yasukata
0
270
AI活用によるPRレビュー改善の歩み ― 社内全体に広がる学びと実践
lycorptech_jp
PRO
1
150
Kiro Autonomous AgentとKiro Powers の紹介 / kiro-autonomous-agent-and-powers
tomoki10
0
160
Microsoft Agent 365 を 30 分でなんとなく理解する
skmkzyk
1
480
Featured
See All Featured
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
15k
YesSQL, Process and Tooling at Scale
rocio
174
15k
Making Projects Easy
brettharned
120
6.5k
Faster Mobile Websites
deanohume
310
31k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
1
88
Code Reviewing Like a Champion
maltzj
527
40k
Learning to Love Humans: Emotional Interface Design
aarron
274
41k
jQuery: Nuts, Bolts and Bling
dougneiner
65
8.1k
Done Done
chrislema
186
16k
A Modern Web Designer's Workflow
chriscoyier
697
190k
Into the Great Unknown - MozCon
thekraken
40
2.2k
Writing Fast Ruby
sferik
630
62k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!
tsuyo
glorypulse
glaforge
zozotech
smiyawaki0820
ahus1
taketo1113
yusukeshimizu
yasukata
lycorptech_jp
tomoki10
skmkzyk
sstephenson
rocio
brettharned
deanohume
tammyeverts
maltzj
aarron
dougneiner
chrislema
chriscoyier
thekraken
sferik
