Overview
Explore the concept of treating organizational policies as versioned code in this 36-minute DevSecCon talk by Chris Nesbitt-Smith. Trace the origins of policy inception and learn how traditional approaches can become unwieldy, difficult to update, and challenging to measure for compliance. Discover how to apply software development patterns and product-oriented thinking to policy management, enabling continuous updates that keep pace with evolving risks. Gain insights on creating policies that are agile, non-obstructive, and easily measurable for compliance. Learn from Chris's extensive experience in critical infrastructure, government services, and Kubernetes implementation to improve organizational efficiency and address common dysfunctions in policy management.
Syllabus
Policy as [versioned] code by Chris Nesbitt-Smith
Taught by
DevSecCon