Securing Infrastructure as Code via
Open Policy Agent (OPA)
Moving to containers and Kubernetes creates a tremendous opportunity to get security right and reduce the risk of data breach. Most organizations start their Kubernetes security efforts by ‘shifting security left’ to address issues in the CI/CD pipeline. Fixing known vulnerabilities and risky configurations before pushing images to production makes sense. But there is an opportunity to shift security even further left — as you configure your Kubernetes infrastructure — to reduce risk.
In this webinar, we will cover:
- How Infrastructure as Code (IaC) security shifts organizations further left
- The use of OPA to enforce policies across multiple IaC (Terraform, Helm, Kustomize) and Kubernetes environments
- Auto-remediating runtime drift at the source using aGitOps workflow
- Pawan Shankar, Product Marketing Director, Sysdig