Automating Cloud Security with Open Policy Agent with Josh Stella! - OWASP DevSlop
FOLLOW & SUBSCRIBE TO DEVSLOP
LinkedIn: https://www.linkedin.com/company/owas...
Twitter: https://twitter.com/Owasp_DevSlop
YouTube: https://www.youtube.com/c/OWASPDevSlop?sub_confirmation=1
DEV.TO: https://dev.to/devslop
Hosts: Nancy Gariche, Nicole Becher (@thedeadrobots)
GIVEAWAY SPONSOR: AVATAO (https://avatao.com/ )
Automating policy checks for infrastructure as code prior to deployment is becoming a critical part of the DevSecOps toolkit. Open Policy Agent (OPA) is an open-source policy-as-code standard that's easy to use and incredibly flexible for a wide variety of use cases.
In this talk, Josh Stella (cofounder and CTO at Fugue) will show how cloud engineers can leverage OPA to move fast and ensure cloud infrastructure compliance. He'll cover:
* Understanding OPA and getting started with policy-as-code for cloud infrastructure
* Checking Terraform for policy violations using Regula, an OPA-based open-source tool
* Integrating cloud security into CI/CD to prevent deployment misconfiguration
OUR GUEST: JOSH STELLA
Josh Stella is co-founder and CTO of Fugue, the company delivering autonomous cloud infrastructure security and compliance. Previously, Josh was a Principal Solutions Architect at Amazon Web Services (AWS), where he supported customers in the area of national security. Prior to Fugue, Josh served as CTO for a technology startup and in numerous other IT leadership and technical roles over the past 25 years.
You can find Josh on social media:
https://twitter.com/joshstella
Видео Automating Cloud Security with Open Policy Agent with Josh Stella! - OWASP DevSlop канала OWASP DevSlop
LinkedIn: https://www.linkedin.com/company/owas...
Twitter: https://twitter.com/Owasp_DevSlop
YouTube: https://www.youtube.com/c/OWASPDevSlop?sub_confirmation=1
DEV.TO: https://dev.to/devslop
Hosts: Nancy Gariche, Nicole Becher (@thedeadrobots)
GIVEAWAY SPONSOR: AVATAO (https://avatao.com/ )
Automating policy checks for infrastructure as code prior to deployment is becoming a critical part of the DevSecOps toolkit. Open Policy Agent (OPA) is an open-source policy-as-code standard that's easy to use and incredibly flexible for a wide variety of use cases.
In this talk, Josh Stella (cofounder and CTO at Fugue) will show how cloud engineers can leverage OPA to move fast and ensure cloud infrastructure compliance. He'll cover:
* Understanding OPA and getting started with policy-as-code for cloud infrastructure
* Checking Terraform for policy violations using Regula, an OPA-based open-source tool
* Integrating cloud security into CI/CD to prevent deployment misconfiguration
OUR GUEST: JOSH STELLA
Josh Stella is co-founder and CTO of Fugue, the company delivering autonomous cloud infrastructure security and compliance. Previously, Josh was a Principal Solutions Architect at Amazon Web Services (AWS), where he supported customers in the area of national security. Prior to Fugue, Josh served as CTO for a technology startup and in numerous other IT leadership and technical roles over the past 25 years.
You can find Josh on social media:
https://twitter.com/joshstella
Видео Automating Cloud Security with Open Policy Agent with Josh Stella! - OWASP DevSlop канала OWASP DevSlop
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Embrace Secure Defaults, Block Anti-patterns, and Kill Bug Classes with Semgrep with Clint Gibler
How to Analyze Code for Vulnerabilities using Joern
OWASP DevSlop Show: Rapid Threat Model Prototyping with Geoffrey Hill!
DevSlop Game Day Recap & Solution with Renan Dias
Privilege Escalation in the Cloud with Carlos Polop
Threats Against Application Identities in the Microsoft Cloud
The Act of Balancing: Burnout in Cybersecurity with Chloé Messdaghi!
Github Actions Security Best Practices with Reethi Kotti
Containers in a nutshell — ähm pod! Containers in a pod
Knock Your SOCs Off: Modernizing Security Operations with Kat Sweet!
Shifting Cloud Security Left: Scanning Infrastructure as Code for Security Issues
Logging & Monitoring on AWS 101 with Veliswa Boya! - OWASP DevSlop
AppSec at the Speed of DevOps: 3 Common Mistakes with Erica Anderson!
GitOps and Best Practices for Managing Infrastructure with Javeria Khan!
Vulnerability Writeups: The Magical 5 Minute Formula
Ceci n'est pas une Pipeline: is it CI/CD or WHAT?
Compromised Compilers - A new perspective of supply chain cyber attacks
Cloud Security and IAM for Developers
Yellow Team + Blue Team = Green Team
Account Security beyond 2FA with Neil Matatall