Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Infrastructure as Code Security Best Practices and Strategies

Conf42 via YouTube

Overview

Explore Infrastructure as Code (IaC) security best practices and strategies in this conference talk from Conf42 DevSecOps 2023. Learn how to tag resources properly, avoid insecure defaults, and regularly check for announcements in cloud platforms. Discover the importance of secret management and permission management, and understand why these practices are crucial. Gain insights on tracking and managing changes using version control tools, and how to use pipelines to automatically analyze security vulnerabilities. Be cautious when managing resources with IaC in pipelines, and learn about the risks of poisoned pipeline execution. Find out how to protect specific resources from accidental deletion or modification. This comprehensive overview covers essential aspects of securing your infrastructure as code implementations.

Syllabus

intro
preamble
about joshua
let's begin
tag resources properly
avoid insecure defaults and regurarly check for announcements in cloud platforms
secret management & permission management
why?
track and manage changes using version control tools
use pipelines to analyze security vulnerabilities automatically
be careful when managing resources with iac in pipelines!
poisoned pipeline execution
protect specific resources from accidental deletion or modification
the end

Taught by

Conf42

Reviews

Start your review of Infrastructure as Code Security Best Practices and Strategies

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.