NOTE: NADOG and EURODOG events are for IT practitioners and IT leaders only. Sales reps, recruiters, vendors, etc may only participate as sponsors. Contact email@example.com for information.
Kick up your feet and join us from your desk for an interactive talk, Q&A, and virtual networking.
Steve Giguere, Developer Advocate
Matt Johnson, Developer Advocate Lead
Taylor Smith, Senior PMM
Title: Let's Play Tag: DevSecOps Edition! Automated IaC resource tagging strategy for security policy enrichment
Through GitOps practices, automated security checks, and Infrastructure as Code (IaC) strategic tagging automation, we can begin to build pre-flight and runtime policy-as-code to ensure that misconfigured and insecure resource definitions are caught prior to deployment. When resource misconfiguration or drift is discovered at runtime, a consistent tagging strategy allows resources to be traced back to the appropriate commit. This reveals a best fix location and author to vastly reduce MTTR. To show how this all works, we'll use a combination of open source solutions: Checkov (IaC Policy and Scanning) + Yor (IaC Tag and Trace)