Cloud engineers need tools that help them check that the infrastructure as code templates they’re developing adhere with all applicable industry compliance standards and custom security policies. And the organization needs to ensure their developers are using those tools, and that they’re using the correct policies.In this session, Josh Stella will talk about how to establish effective, efficient, and consistent IaC security, which is critical to preventing cloud misconfiguration vulnerabilities from reaching the runtime without slowing teams down. But if teams are using a completely different system and set of policies for checking the runtime for security and compliance, things start to fall apart. He will review: -How to prevent Critical vulnerabilities from slipping through the cracks -How to use policies to govern your cloud environment -Suggestions on how to prioritize and remediate issues
OPEN TALK: Infrastructure as Code for Cloud Security
Josh Stella is co-founder, CTO, and CEO of Fugue, the company transforming cloud security to help teams move faster and stay secure. Through Fugue's masterclasses, Josh educates cloud and security professionals about cloud misconfiguration exploits and how to keep cloud infrastructure secure from attackers—often by demonstrating exploits in real time as a white hat hacker.
Previously, Josh was a Principal Solutions Architect at Amazon Web Services (AWS), where he supported customers in the area of national security. Josh also served as CTO for a technology startup and in numerous other IT leadership and technical roles over the past 25 years.
Areas Of Expertise: White Hat Hacking, AWS, Cloud Architecture, Cloud Security, Distributed Systems, Open Policy Agent (OPA)