Automating Security & Compliance - for Fun & Profit

Explore a conference talk on automating security and compliance in DevOps environments. Learn how to balance innovation with risk management as Nicole Johnson, Manager of Solution Architects at Chef Software, discusses strategies for incorporating security and compliance into modernization efforts. Discover techniques for continuous testing, code inspection, and creating auditable processes. Gain insights into DevOps security, risk assessment, and compliance frameworks. Understand the importance of metadata, Windows profiles, and tools like Test Kitchen in ensuring continuous compliance. Dive into practical approaches for making systems auditable and establishing effective feedback loops in your development pipeline.

Introduction
DevOps
DevOps Security
Understanding Risk
What is Compliance
Auditability
Continuous Testing
Compliance
Inspect
Code
Inspection
Metadata
Windows Profiles
Testing
Making Auditable
InspectShell
Chef
Test Kitchen
Test Kitchen Overview
Feedback Loop
Continuous Compliance
QA