Meeting Register Page

Meeting banner
Resource Tagging for Security Policy Enrichment
NOTE: NADOG and EURODOG events are for IT practitioners and IT leaders only. Sales reps, recruiters, vendors, etc may only participate as sponsors. Contact info@nadog.com for information.

Kick up your feet and join us from your desk for an interactive talk, Q&A, and virtual networking.

Speakers, Bridgecrew:
Steve Giguere, Developer Advocate
Matt Johnson, Developer Advocate Lead
Taylor Smith, Senior PMM

Title: Let's Play Tag: DevSecOps Edition! Automated IaC resource tagging strategy for security policy enrichment

Summary:

Through GitOps practices, automated security checks, and Infrastructure as Code (IaC) strategic tagging automation, we can begin to build pre-flight and runtime policy-as-code to ensure that misconfigured and insecure resource definitions are caught prior to deployment. When resource misconfiguration or drift is discovered at runtime, a consistent tagging strategy allows resources to be traced back to the appropriate commit. This reveals a best fix location and author to vastly reduce MTTR. To show how this all works, we'll use a combination of open source solutions: Checkov (IaC Policy and Scanning) + Yor (IaC Tag and Trace)

Jul 22, 2021 04:00 PM in Eastern Time (US and Canada)

Loading
* Required information