Auditing Your Automation's Access: Using More Automation
Between CI/CD pipelines, container orchestrators, and developer debugging tools, more and more automation is needed to scale your systems. But how do you know if that automation is accessing the right systems at the right time? And how do you ensure that your automation is safe from exploits by unauthorized users?
In this talk, Rosemary Wang from HashiCorp shares ways to build observability into your automation and audit access across the software development lifecycle. Rosemary outlines some techniques to maintain least-privilege access, mitigate blast radius of compromised credentials, and more.