search menu icon-carat-right cmu-wordmark

Continuous Security for IaC in GitOps

This talk by Yoni Leitersdorf, Optimist and CEO & Founder, Indeni, was presented at DevSecOps Days Pittsburgh 2021.

Software Engineering Institute




Infrastructure-as-Code shifts the power of cloud infrastructure provisioning into the developer's hands. As IaC becomes ubiquitous, security expertise remains in short supply. How do you scalably manage security as part of rapid development cycles? In this talk, we will show how to enable IaC automated scanning and incorporate infrastructure protection into your DevOps pipeline. We will discuss different techniques to detect drift, causing compliance issues, or how to avoid overly permissive IAM permissions leading to privilege escalation. This session is a soup-to-nuts walkthrough of the IaC security journey; from manual to automated security reviews, from static to dynamic analysis, all being part of the GitOps journey.

What can you expect to learn?

  • Common security misconfigurations found in cloud environments
  • What scan tools and techniques exist, and when to choose what technique
  • How to chart a roadmap to implement IaC security automation as you mature your GitOps adoption

Yoni is the CEO & Founder of Indeni. He is also the CISO of Indeni. Coding since age six, his enthusiasm for automation and security has strongly influenced his career. Before Indeni, he served at the world-renowned IDF 8200 unit, where he managed a team of programmers and won the esteemed Israeli Security Prize given by the president.

Download the graphic recording or watch the video on YouTube.