The rapid adoption of Infrastructure-as-Code (IaC) in modern DevSecOps practices has brought with it a much-needed way to secure our as-code infrastructure configurations from human error and misconfigurations, known vulnerabilities, and even exposures due to poor IAM and GitOps practices. In this talk, we will run through the most popular open source IaC security scanners that every DevSecOps professional should utilize, from Checkov and Terrascan through KICS, among others. These scanners provide comprehensive static code analysis for platforms like Terraform, AWS CloudFormation, and Kubernetes, identifying security risks and compliance violations in IaC templates. But what if we could supercharge these excellent tools with the help of AI to extend detection capabilities and enable more rapid remediation? We’ll wrap up with a live demo of how to leverage advanced machine learning algorithms and AI to incorporate decades of domain expertise to deliver advanced detection rules and enable the identification of novel vulnerabilities, anomalous behavior, and other potential security risks based on existing data and known patterns.
Aviram is currently CPO and Co-Founder of Jit, the Continuous Security Platform for Developers. He is a software engineer at heart who moved to the "dark side" of Product Management. Aviram has more than 20 years of hands-on experience in engineering and has held senior managerial roles in both engineering and product management organizations, working for leading organizations such as CyberArk & SentinelOne. He always strives to create great products that users love. Thanks to his engineering background, Aviram is on a constant journey to create high-velocity product and engineering teams that work together as one team. Aviram holds a B.Sc. and M.Sc. in Computer Engineering, an MBA, and an MA in Law.