Automating Security & Compliance (for Fun & Profit)
You need to be signed in to add a collection
The business demands innovation. IT infrastructure and application development agree. But of course it’s not that easy. Now the corporate security team would like to meet, and the auditors have a few words for you too. (Those words are “wait just a minute”.) How do we ensure that as we modernize, we don’t introduce unacceptable risk? Incorporating security and compliance into infrastructure updates from the beginning means we can forestall project-derailing last-minute roadblocks. Automated security and compliance tests are how we track and assess our risk levels as we release changes. I’ll demonstrate a live walkthrough of building a compliance testing profile based on an industry-standard CIS Benchmark. Learn how to codify compliance profiles, incorporate such compliance testing into your release automation processes, and keep your internal stakeholders saying “yes, and” instead of “no, because...”.
Transcript
The business demands innovation. IT infrastructure and application development agree. But of course it’s not that easy. Now the corporate security team would like to meet, and the auditors have a few words for you too. (Those words are “wait just a minute”.) How do we ensure that as we modernize, we don’t introduce unacceptable risk? Incorporating security and compliance into infrastructure updates from the beginning means we can forestall project-derailing last-minute roadblocks.
Automated security and compliance tests are how we track and assess our risk levels as we release changes. I’ll demonstrate a live walkthrough of building a compliance testing profile based on an industry-standard CIS Benchmark. Learn how to codify compliance profiles, incorporate such compliance testing into your release automation processes, and keep your internal stakeholders saying “yes, and” instead of “no, because...”.