Programmable Infrastructures for Cloud Compliance | Interview with DevSecOps security expert, Chris Hughes

In this 11-minute Zoomcast, Chris Hughes explains how developing infrastructure-as-code (IaC) to support cloud-native computing enhances asset inventory, version and quality control, risk management and compliance.

“Since Developers are in position to catch configuration mistakes earliest in the lifecycle, where better to shift left than before you even provision infrastructure,” he says. “With IaC, automated tools can pull in your existing infrastructure and govern it with version control pipelines and configuration checks, which are very important for highly-regulated industries with industrial control systems and other critical networks of that nature.”

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

GrammaTech Resource Library
Welcome to GrammaTech's resource library. Here you will find useful information about software development in the IoT era, where devices must not only function with impeccable quality and safety but also remain resilient to cyber attacks.
Shift Left Academy
Shift Left Academy is an educational resource to help implement a security first approach. Shift Left focuses on finding and preventing defects and security vulnerabilities early in the software development process
Blog
Posts by topic including static analysis, software assurance, and binary analysis