Putting the "Sec" in DevSecOps: Automating Cloud Security as an Enabler

Session Description

Security in most dev environments is broken. With ever-changing environments, engineers focused on features, and DevOps enabling agility, traditional security can't keep up. Even with security in place, the chance of catching each bad Terraform default or hidden * in a wide-open IAM policy is near impossible across endless cloud services. In this session, we'll show how (with very little effort) you can shift security left with automated IaC security scanning and provide practical advice for fixing identified misconfigurations. You bring your DevOps pipeline; we'll show you how to secure it.