Interview with DevSecOps security expert, Chris Hughes
In this 11-minute Zoomcast, Chris Hughes explains how developing infrastructure-as-code (IaC) to support cloud-native computing enhances asset inventory, version and quality control, risk management and compliance.
“Since Developers are in position to catch configuration mistakes earliest in the lifecycle, where better to shift left than before you even provision infrastructure,” he says. “With IaC, automated tools can pull in your existing infrastructure and govern it with version control pipelines and configuration checks, which are very important for highly-regulated industries with industrial control systems and other critical networks of that nature.”
Resources Cited:
- AWS config conformance packs to assess against compliance frameworks and auto remediate findings
- Azure regulatory compliance dashboard that scores your cloud infrastructure’s regulatory compliance
{{ script_embed(‘wistia’, ’66asra1v7j’, ”, ‘inline,responsive’) }}
