Better Security with IaC

Logo
Presented by

Ed Moyle, Director of Software and Security Systems | Drake Software

About this talk

One of the most transformative recent shifts within application development in a cloud context is the rise of IaC -- infrastructure as code technologies like Terraform and CloudFormation. As organizations make more use of IaC, it's important for security organizations to pay attention. Why? Because IaC changes the risk equation -- it introduces some new potential risks, and can help close some existing ones. This discussion aims to answer these questions: • Why/how IaC requires thinking about security of assets a new way. • Artifacts produced by IaC and how they can help us. • Security “gotchas” and things to watch out for when changing to IaC. • How you can tailor your security program in light of IaC. Ed Moyle is currently Director of Software and Systems Security for Drake Software. In his 20 years in information security, Ed has held numerous positions including: Director of Thought Leadership and Research for ISACA, Application Security Principal for Adaptive Biotechnologies, Senior Security Strategist with Savvis, Senior Manager with CTG, and Vice President and Information Security Officer for Merrill Lynch Investment Managers. Ed is co-author of Cryptographic Libraries for Developers and Practical Cybersecurity Architecture, and a frequent contributor to the Information Security industry as author, public speaker, and analyst.
Related topics:

More from this channel

Upcoming talks (9)
On-demand talks (627)
Subscribers (209384)
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.