The Cloud is enabling businesses to quickly adopt and use technology in ways that we've never imagined before. Security teams need to find ways to keep up; automation is the solution. By using Policy as Code tools we can define and enforce security guardrails. This allows developers and cloud engineers to continue shipping features while bringing the confidence to everybody that security requirements are being met.
Learning Objectives:
Examine how unsafe systems can accidentally be deployed into production
Automatically identify cloud environments that don't meet security requirements
Prevent further misconfigurations via automated Policy as Code enforcement points using tools such as easy_infra and Checkov
Remediate misconfigured systems
Automate reassessing cloud systems, and generate evidence for compliance and audit teams
Prerequisites:
Comfortable with Linux command line tools
Comfortable with git-based version control systems
Comfortable reading configuration files
System Requirements:
A modern web browser, preferably Chrome
AWS account with root access or an IAM user with Administrator Access permissions
If you need an AWS account, you can create a free tier account with root access at https://aws.amazon.com/free/ The cost to complete the workshop will be minimal (pennies).
Jon is the founder and CEO of Zenable, a tech company that uses a governance-first, fully automated approach to streamline cloud-native technology adoption and security. He also co-founded Seiso, a cloud native technology consulting company.
