Session Name: Embedding security in your Terraform and Cloudformation code
Planning, provisioning, and changing infrastructure have become vital parts of application development. Incorporating infrastructure-as-code into software development is also helping cloud security practitioners prevent bad configurations upstream, without inflating development backlogs. In this session, we’ll cover a simple method to write, test, and maintain infrastructure-as-code at scale using policy-as-code. We will discuss common open-source packages, integrated development environment plug-ins, continuous integration, and more. We’ll also review sample use cases that showcase the benefits of preventing cloud misconfigurations on Terraform/CloudFormation at build-time as opposed to preventing them at run-time, using the open-source tool https://github.com/bridgecrewio/checkov/ and other open source tools
Barak Schoster @BarakSchoster is CTO and Co-founder at Bridgecrew, working from Israel Tel Aviv, Helping teams secure cloud infrastructure. Often contributing to open source projects including Checkov, Prowler, and others. He has previously worked for RSA focused on cybersecurity machine learning and big data architecture as well as at Fortscale and IDF tech unit. When not writing code or talking about it, Barak loves to spend time at the beach with his kids.