Catching Commits to Secure Infrastructure as Code
Offered By: GOTO Conferences via YouTube
Course Description
Overview
Explore secure infrastructure as code practices in this 45-minute conference talk from GOTO Chicago 2023. Learn how to implement policy as code for provisioning and configuring secure infrastructure. Dive into patterns, examples, and limitations of testing infrastructure security before deployment. Follow along with demos on static and dynamic analysis, catching commits, and system configuration. Gain insights on OWASP secure coding practices applied to infrastructure as code, and discover essential techniques for writing and testing secure infrastructure. Perfect for infra engineers and cloud explorers looking to enhance their security knowledge in the realm of infrastructure as code.
Syllabus
Intro
OWASP secure coding practices
What about infrastructure as code?
How do you write secure infrastructure as code?
Capture secure knowledge as tests
Demo
What commits to catch?
System configuration
Demo
There's more!
Demo
What's important?
Conclusion
Outro
Taught by
GOTO Conferences
Related Courses
Addressing Algorithmic BiasGOTO Conferences via YouTube Empowering Consumers - Evolution of Software in the Future
GOTO Conferences via YouTube Why Static Typing Came Back
GOTO Conferences via YouTube Higher Kinded Types in a Lower Kinded Language - Functional Programming in Kotlin
GOTO Conferences via YouTube It's Not Hard to Test Smart - Delivering Customer Value Faster
GOTO Conferences via YouTube