Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-c...
Search
Tsuyoshi Miyake
May 18, 2022
Technology
55
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
安全なソフトウェアサプライチェーンの実現 / secure-software-supply-chain-with-jfrog
2022/05/18 に実施した JFrog x SoftBank x PrismaCloud 共同 DevSecOps セミナーの JFrog 発表分です
Tsuyoshi Miyake
May 18, 2022
More Decks by Tsuyoshi Miyake
See All by Tsuyoshi Miyake
JFrog 最新情報 - JFrog DevOps プラットフォームの今までとこれから / jfrog-update-for-devopskaigi-2022
tsuyo
0
470
猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3
tsuyo
0
95
猿でもわかる DevOps / a-monkeys-guide-to-devops
tsuyo
0
880
はじめての JFrog Platform V2 / getting-started-with-jfrog-platform-v2
tsuyo
0
430
はじめての JFrog Distribution / getting-started-with-jfrog-distribution
tsuyo
0
210
はじめての JFrog Pipelines / getting-started-with-jfrog-pipelines
tsuyo
0
240
はじめての JFrog Xray / getting-started-with-jfrog-xray
tsuyo
0
1.6k
はじめての JFrog Artifactory / getting-started-with-jfrog-artifactory
tsuyo
0
1.2k
はじめての JFrog Platform / getting-started-with-jfrog-platform
tsuyo
0
870
Other Decks in Technology
See All in Technology
SteampipeとExcel Power QueryでAWS構成定義書の作成を自動化する
jhashimoto
0
180
感情と身体を置き去りにしない、エンジニアの生きのこり方 ──いまから、ここから「自分の状態」を扱うという選択
saorimurooka
0
330
脱SaaS!FDEを支えるプロビジョニングと分離設計
knih
0
300
When Platform Engineering Meets GenAI
sucitw
0
170
從開發到部署全都交給 AI:實作 AI 驅動的自動化流程
appleboy
0
160
コミットの「なぜ」を読む
ota1022
0
120
AWS Security Agent といっしょに脅威モデリングをやってみよう
amarelo_n24
1
210
水を運ぶ人としてのリーダーシップ
izumii19
4
990
自宅LLMの話
jacopen
1
720
技術・能力を向上する原理原則 #きのこセッションa #きのこ2026
bash0c7
0
120
フィジカル版Github Onshapeの紹介
shiba_8ro
0
320
いまさら聞けない「仕様駆動開発入門」 〜AI活用時代の開発プロセスを考える〜
findy_eventslides
2
200
Featured
See All Featured
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
12
1.2k
Taking LLMs out of the black box: A practical guide to human-in-the-loop distillation
inesmontani
PRO
3
2.3k
YesSQL, Process and Tooling at Scale
rocio
174
15k
Discover your Explorer Soul
emna__ayadi
2
1.1k
Speed Design
sergeychernyshev
33
1.9k
Crafting Experiences
bethany
1
190
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
220
Claude Code のすすめ
schroneko
67
230k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
6k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
470
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4.3k
Transcript
DevSecOps with JFrog Platform
2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps
Liquid Software § @tsuyoshi_miyake
[email protected]
3 TPS TPS - Wikipedia: Toyota Production System (https://en.wikipedia.org/wiki/Toyota_Production_System) DevOps
• • • 4
1 SSC N 5 • • •
1 N 6 VCS (Git) CI/CD ??? • • •
SSC OSS B C A OSS OSS SSC SSC 7
8 • • • •
(CVE) by OSS (CVE) Executive Order on Improving the Nation
s Cybersecurity CVE 9
24/7 Dedicated Support + DevOps Acceleration Service Arm BUILD TEST
RELEASE DEPLOY CI/CD On Premises & Multicloud VCS ACCESS FEDERATION ACL SSO 10 JFrog Platform
Artifactory for 11 docker-prod-local docker-dev-local (default) docker-qa-local Docker Hub docker-remote
docker
WATCHES Xray for SBOM (Software Bill of Materials) 12 POLICIES
Security License Fail Build Web Hooks, Slack, Emails XUC (Xray Update Center) Bundle Build Build Repo Repo Frogbot IDE XRAY ARTIFACTORY SBOM (SPDX, CycloneDX)
13 PIPELINES > git commit Public Repos IDE Git Repo
package .json ARTIFACTORY XRAY PLUGIN XRAY DISTRIBUTION DISTRIBUTION EDGE DISTRIBUTION EDGE Connect Pull Request with JFrog Platform
JFrog 14
THANK YOU!