Wednesday 29 September 2021
This event has finished.
Started 18:00 PM
Finished 19:00 PM
Organized by Data and Analytics Lisbon
Address: Online event on your device
About this eventIF YOU’D LIKE TO ATTEND LIVE AND/OR GET THE RECORDING, MAKE SURE TO SIGN UP HERE AND NOT JUST ON MEETUP http://cycode.com/securing-infrastructure
Wed, September 29th, 2021
10:00 AM - 11:00 AM PST
Moving applications and development to the cloud has delivered both operational benefits at scale. Faster release cycles and microservices architectures drive complexity and a need for speed that can only be solved by automation via Infrastructure-as-Code (IaC). However, deploying new tools creates new attack surfaces and IaC is no different.
Whether inadvertently exposing an S3 bucket or maliciously deploying tampered applications into production, the automation inherent to the IaC amplifies mistakes and facilitates lateral movement of attackers as much as it boosts developers’ release efficiency. Just as scanning for security vulnerabilities in source code is a de-facto best practice, proactively scanning IaC must also become automated in software delivery pipelines of security-conscious organizations looking to shift left.
In this webinar, you will learn:
- About IaC and why its adoption is rapidly increasing
- Where in the SDLC you should scan
- Securing IaC in a developer-friendly way
- What types of security misconfigurations you should look for
- Preventing tampering of IaC code itself
- Preventing IaC from being used to deploy tampered applications
- Identifying drift between IaC configurations and actual production
This page last updated Saturday 25 September 2021 at 10:25.
Problems? Report an error or inappropriate listing here.
Information displayed here is provided in good faith but we are not responsible for the content of any listing. Sometimes events can be cancelled or changed at short notice. Please check with the venue or organizer before you travel!