Upgrading DevSecOps with compliance automation - Bryan Langston, Mirantis
Compliance automation is a commonly overlooked area of Kubernetes observability. The question is: how do you automate compliance to a security framework that isn’t well understood by DevSecOps teams to begin with? This lack of understanding contributes to mismanaged compliance efforts and in a worst-case scenario, audit exposures and organizational risk.
This talk will walk through an example of how to
1) map compliance controls to specific Kubernetes technical configuration
2) automate the assessment of those controls
3) visualize the assessment results. DevSecOps teams will better understand how to incorporate compliance automation alongside security automation.