Explore the concept of treating organizational policies as versioned code in this 36-minute DevSecCon talk by Chris Nesbitt-Smith. Trace the origins of policy inception and learn how traditional approaches can become unwieldy, difficult to update, and challenging to measure for compliance. Discover how to apply software development patterns and product-oriented thinking to policy management, enabling continuous updates that keep pace with evolving risks. Gain insights on creating policies that are agile, non-obstructive, and easily measurable for compliance. Learn from Chris's extensive experience in critical infrastructure, government services, and Kubernetes implementation to improve organizational efficiency and address common dysfunctions in policy management.
Policy as Versioned Code - Managing Organizational Policies with Software Development Practices
Overview
Syllabus
Policy as [versioned] code by Chris Nesbitt-Smith
Taught by
DevSecCon
Related Courses
-
Policy as Versioned Code - Managing Organizational Policies Effectively
-
Policy as Versioned Code - How to Do Day 2 Operations
-
Policy as Versioned Code - You're Doing It Wrong
-
Policy as Versioned Code
-
Pod Security Policy is Dead, Long Live... What's Next?
-
Deploying Policy-as-Code with Readable Rego Policies and Open Policy Agent
