Home Conference Sessions Automating Secur...

Automating Security & Compliance (for Fun & Profit)

Nicole Johnson | GOTO Chicago 2017

You need to be signed in to add a collection

The business demands innovation. IT infrastructure and application development agree. But of course it’s not that easy. Now the corporate security team would like to meet, and the auditors have a few words for you too. (Those words are “wait just a minute”.) How do we ensure that as we modernize, we don’t introduce unacceptable risk? Incorporating security and compliance into infrastructure updates from the beginning means we can forestall project-derailing last-minute roadblocks. Automated security and compliance tests are how we track and assess our risk levels as we release changes. I’ll demonstrate a live walkthrough of building a compliance testing profile based on an industry-standard CIS Benchmark. Learn how to codify compliance profiles, incorporate such compliance testing into your release automation processes, and keep your internal stakeholders saying “yes, and” instead of “no, because...”.

Share on:
linkedin facebook
Copied!

Transcript

The business demands innovation. IT infrastructure and application development agree. But of course it’s not that easy. Now the corporate security team would like to meet, and the auditors have a few words for you too. (Those words are “wait just a minute”.) How do we ensure that as we modernize, we don’t introduce unacceptable risk? Incorporating security and compliance into infrastructure updates from the beginning means we can forestall project-derailing last-minute roadblocks.

Automated security and compliance tests are how we track and assess our risk levels as we release changes. I’ll demonstrate a live walkthrough of building a compliance testing profile based on an industry-standard CIS Benchmark. Learn how to codify compliance profiles, incorporate such compliance testing into your release automation processes, and keep your internal stakeholders saying “yes, and” instead of “no, because...”.

About the speakers

Nicole Johnson

Nicole Johnson

Manager, Solution Architects at Chef Software