Be the first to like this
Cloud Native Night December 2018, Munich: Talk by Andreas Zitzelsberger (@andreasz82, Principal Software Architect at QAware)
Join our Meetup: www.meetup.com/cloud-native-muc
Abstract: Currently, security and compliance are two separate worlds. There are numerous roles involved which do not collaborate well. The sheer complexity involved in both fields leads to costly mistakes and often, to only a one-time token effort.
At the heart of the problem, it’s about managing policies.
We show how we apply engineering virtues like automation, abstraction and creating interfaces to policy management, resulting in a methodology and tool set helping security and compliance to work in unison towards better and more secure products, while reducing headaches to those involved.
Beispiel für Policies in der Infrastruktur: Kubernetes Admission Control mit Post-Processing und OPA (Open Policy Agent) Showcase:
Beispiel für Policies in der Anwendung: Micronaut mit OPA Demo