https://platformengineering.org logo
#general
Title
# general
k

Karolina Junčytė

06/30/2022, 11:06 AM
Security and IaC Security gets often forgotten in cloud native setups, but many orgs face security threats and, frankly, quite often issues are noticed only after release. IaC can help. Here is my summary of reasons why IaC is key to detect issues before they reach runtime: • Speed. IaC automated tools provide an instant workflow of processes that also prevents misconfigurations due to human error and minimizes security risks. • Scalability. For rapidly growing businesses, security practices must be implemented at the same rate of expansion (if not faster). Usage of IaC tools increases scalability as IT teams can roll out new applications with security embedded throughout the process. • Consistency. In order to avoid the time-consuming monitoring process of whether or not security policies are up to date, IaC eliminates the documentation process because all the infrastructure is defined as code. • Accountability. As IaC provides accurate data cycling in an environment, every misconfiguration can be detected easily without guessing or spending time finding the person responsible for any discrepancies. • Reduced costs. Businesses that use IaC save money on hardware and additional people to operate that hardware. It also minimizes “recovery costs” from any type of cyberattacks. • CISOs new best friend. CISOs not only have to secure the enterprise, but to simultaneously drive growth at the same time. IaC helps CISOs achieve both of these goals by preventing problems before deployment. What other aspects would you excerpt here?
1
a

agustingomes

06/30/2022, 12:20 PM
Pardon my question, but what
IaC
stands for?
k

Karolina Junčytė

06/30/2022, 12:59 PM
Infrastructure as Code
b

Bruno Dias

07/01/2022, 7:56 PM
I think you can add reproducibility to perform pen tests in a controlled environment easily replicated
🙌 1
h

Haydn

07/05/2022, 2:39 PM
I would also add something around DIE. Distributed, Immutable and Ephemeral. Especially related to IaC (https://www.copado.com/devops-hub/blog/making-die-model-security-vs-the-cia-security-triad-complementary-not-competitive)
26 Views