Automating Cloud Security with Open Policy Agent with Josh Stella! - OWASP DevSlop
FOLLOW & SUBSCRIBE TO DEVSLOP
LinkedIn: https://www.linkedin.com/company/owas...
Twitter: https://twitter.com/Owasp_DevSlop
YouTube: https://www.youtube.com/c/OWASPDevSlop?sub_confirmation=1
DEV.TO: https://dev.to/devslop
Hosts: Nancy Gariche, Nicole Becher (@thedeadrobots)
GIVEAWAY SPONSOR: AVATAO (https://avatao.com/ )
Automating policy checks for infrastructure as code prior to deployment is becoming a critical part of the DevSecOps toolkit. Open Policy Agent (OPA) is an open-source policy-as-code standard that's easy to use and incredibly flexible for a wide variety of use cases.
In this talk, Josh Stella (cofounder and CTO at Fugue) will show how cloud engineers can leverage OPA to move fast and ensure cloud infrastructure compliance. He'll cover:
* Understanding OPA and getting started with policy-as-code for cloud infrastructure
* Checking Terraform for policy violations using Regula, an OPA-based open-source tool
* Integrating cloud security into CI/CD to prevent deployment misconfiguration
OUR GUEST: JOSH STELLA
Josh Stella is co-founder and CTO of Fugue, the company delivering autonomous cloud infrastructure security and compliance. Previously, Josh was a Principal Solutions Architect at Amazon Web Services (AWS), where he supported customers in the area of national security. Prior to Fugue, Josh served as CTO for a technology startup and in numerous other IT leadership and technical roles over the past 25 years.
You can find Josh on social media:
https://twitter.com/joshstella
Видео Automating Cloud Security with Open Policy Agent with Josh Stella! - OWASP DevSlop канала OWASP DevSlop
LinkedIn: https://www.linkedin.com/company/owas...
Twitter: https://twitter.com/Owasp_DevSlop
YouTube: https://www.youtube.com/c/OWASPDevSlop?sub_confirmation=1
DEV.TO: https://dev.to/devslop
Hosts: Nancy Gariche, Nicole Becher (@thedeadrobots)
GIVEAWAY SPONSOR: AVATAO (https://avatao.com/ )
Automating policy checks for infrastructure as code prior to deployment is becoming a critical part of the DevSecOps toolkit. Open Policy Agent (OPA) is an open-source policy-as-code standard that's easy to use and incredibly flexible for a wide variety of use cases.
In this talk, Josh Stella (cofounder and CTO at Fugue) will show how cloud engineers can leverage OPA to move fast and ensure cloud infrastructure compliance. He'll cover:
* Understanding OPA and getting started with policy-as-code for cloud infrastructure
* Checking Terraform for policy violations using Regula, an OPA-based open-source tool
* Integrating cloud security into CI/CD to prevent deployment misconfiguration
OUR GUEST: JOSH STELLA
Josh Stella is co-founder and CTO of Fugue, the company delivering autonomous cloud infrastructure security and compliance. Previously, Josh was a Principal Solutions Architect at Amazon Web Services (AWS), where he supported customers in the area of national security. Prior to Fugue, Josh served as CTO for a technology startup and in numerous other IT leadership and technical roles over the past 25 years.
You can find Josh on social media:
https://twitter.com/joshstella
Видео Automating Cloud Security with Open Policy Agent with Josh Stella! - OWASP DevSlop канала OWASP DevSlop
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![Embrace Secure Defaults, Block Anti-patterns, and Kill Bug Classes with Semgrep with Clint Gibler](https://i.ytimg.com/vi/GoeONtFx0bA/default.jpg)
![How to Analyze Code for Vulnerabilities using Joern](https://i.ytimg.com/vi/qtGRNb_2Khs/default.jpg)
![OWASP DevSlop Show: Rapid Threat Model Prototyping with Geoffrey Hill!](https://i.ytimg.com/vi/6eUlRVzcbaU/default.jpg)
![DevSlop Game Day Recap & Solution with Renan Dias](https://i.ytimg.com/vi/1py6iNroHBM/default.jpg)
![Privilege Escalation in the Cloud with Carlos Polop](https://i.ytimg.com/vi/DHLuUVx32RI/default.jpg)
![Threats Against Application Identities in the Microsoft Cloud](https://i.ytimg.com/vi/heHiv6nLrFA/default.jpg)
![The Act of Balancing: Burnout in Cybersecurity with Chloé Messdaghi!](https://i.ytimg.com/vi/5H2-wvn0UbA/default.jpg)
![Github Actions Security Best Practices with Reethi Kotti](https://i.ytimg.com/vi/B5X_2q_ko5U/default.jpg)
![Containers in a nutshell — ähm pod! Containers in a pod](https://i.ytimg.com/vi/1nUoIFSon50/default.jpg)
![Knock Your SOCs Off: Modernizing Security Operations with Kat Sweet!](https://i.ytimg.com/vi/0-5mHRwvZ7w/default.jpg)
![Shifting Cloud Security Left: Scanning Infrastructure as Code for Security Issues](https://i.ytimg.com/vi/mw-mEnLxNj4/default.jpg)
![Logging & Monitoring on AWS 101 with Veliswa Boya! - OWASP DevSlop](https://i.ytimg.com/vi/5YbAqXiHkMM/default.jpg)
![AppSec at the Speed of DevOps: 3 Common Mistakes with Erica Anderson!](https://i.ytimg.com/vi/ExL_DT0Jhwc/default.jpg)
![GitOps and Best Practices for Managing Infrastructure with Javeria Khan!](https://i.ytimg.com/vi/7jgLqlysuxo/default.jpg)
![Vulnerability Writeups: The Magical 5 Minute Formula](https://i.ytimg.com/vi/xGRF715ElAw/default.jpg)
![Ceci n'est pas une Pipeline: is it CI/CD or WHAT?](https://i.ytimg.com/vi/VeKqDWALWBc/default.jpg)
![Compromised Compilers - A new perspective of supply chain cyber attacks](https://i.ytimg.com/vi/55kaaMGBARM/default.jpg)
![Cloud Security and IAM for Developers](https://i.ytimg.com/vi/juGTP9A6VMI/default.jpg)
![Yellow Team + Blue Team = Green Team](https://i.ytimg.com/vi/6fkz_3lU1Ic/default.jpg)
![Account Security beyond 2FA with Neil Matatall](https://i.ytimg.com/vi/hrAKE6LaizE/default.jpg)