search menu icon-carat-right cmu-wordmark

Automating Away Your DevSecOps Toil

This session was presented by Doug Sillars of unSkript at DevSecOps Days Pittsburgh, held virtually May 11, 2023.

Software Engineering Institute

Topic or Tag



As the cloud becomes more and more complex, the surface area for attacks becomes larger and larger. Monitoring and securing your cloud infrastructure is impossible without automatic monitoring and provisioning tools.  

In this talk, we'll introduce an open source automation tool built on top of Jupyter Notebooks. The modular framework that includes hundreds of built-in actions enables you to start your automation journey in just minutes. Used by many DevOps & SRE professionals to automate away toil, we can also apply the framework to DevSecOps.

In addition, we'll build several RunBooks—one to automate least-privilege account creation and one to run periodic boundary checks around your cloud, ensuring that you are reducing your cloud's attack surface.