A recent study suggests that cloud misconfiguration is the number one risk to cloud environments in 2021. As more developers deploy infrastructure across clouds using infrastructure-as-code, the security risk is only going to grow. To quote Albert Einstein: “Intellectuals solve problems, geniuses prevent them.” With IaC, we have an opportunity to scalably prevent security risks before they manifest themselves in the cloud. This is done within the CI/CD pipeline, as part of GitOps. In this session, we will dive into the various techniques to automate security analysis of cloud infrastructure to prevent misconfigurations. We will share why different techniques are necessary to detect drift, causing security issues, or to avoid overly permissive IAM permissions leading to privilege escalation. We’ll cover:
What common misconfigurations are found in cloud environments?
What scan tools and techniques exist, and when to choose what technique?
What new technologies will cause a paradigm shift in how cloud infrastructure security is applied at scale?