Cloud Native Security Part 4: Policy as Code and Automated Governance
Traditional compliance and risk management techniques don’t scale in cloud-native environments—manual processes are now an anti-pattern for good security.
We have cloud guardrails, modern CI/CD systems, and observability tools to gather data and manage risks at your organization, but it’s not that easy. A 2023 CISO Report from Chainguard found that 73% of developers agree that the work/tools their security team requires them to use interferes with their productivity and innovation
Well-implemented and properly maintained Policy as Code allows us to transform requirements into code, automatically assessing, monitoring, and enforcing the rules that our organizations need to abide by. Not only that, but data-driven Governance allows us to quickly understand what the rules are, why, and if it’s more important to follow the rules, or update them.
Join SANS Instructor and Zenable Founder/CEO Jon Zeolla to explore how automation can bridge the gap between regulatory and compliance requirements and cloud-native security. We will discuss the ecosystem of tools which can be used to write and enforce Policy as Code, best practices for deploying it at scale, and architectural patterns for aligning Policy as Code with business agility.
This webcast supports content and knowledge from SEC540: Cloud Native Security and DevSecOps Automation™. To learn more about this course, explore upcoming sessions, and access your FREE demo, click here.
