Ritesh Hegde
Sr Staff Platform Engineering - SPH Media
Actions
Singapore CNCG Chapter Lead, Singapore HUG Leader, Singapore Global AI Organizer, Hashicorp Ambassador, Microsoft MVP
Links
Securing Terraform IaC with Vault Radar
The Challenge: In the age of Infrastructure as Code (IaC), HashiCorp Terraform has become the standard for provisioning cloud resources. However, the speed of development often leads to a critical security vulnerability: secrets sprawl, where sensitive credentials are accidentally hardcoded into configuration files and committed to version control.
The Solution: This 30-minute session will explore how to close this security gap by combining the power of Terraform with HashiCorp Vault Radar. We will demonstrate the inherent risks of hardcoding secrets in IaC and introduce Vault Radar as the essential tool for continuous, high-fidelity secret detection across your repositories.
Key Takeaways:
Understand the critical security risk posed by hardcoded secrets in Terraform code.
Learn what HCP Vault Radar is and how it provides continuous secret scanning across your data sources (e.g., GitHub, GitLab).
Discover the secure, integrated workflow: using Terraform to manage the Vault Radar configuration itself, and leveraging Vault Radar's remediation capabilities to move discovered secrets into a secure store.
Walk away with a clear strategy for shifting security left and ensuring your IaC is not only efficient but also inherently secure.
Implementing Policy as Code with Sentinel in HCP
Security and compliance must be proactively enforced rather than re-actively fixed. This session will focus on Security Guardrails in Terraform Cloud and how Sentinel, HashiCorp’s Policy as Code framework, serves as a preventive guardrail to ensure infrastructure security and compliance before deployment.
Sentinel policies can be used to automate security enforcement, preventing misconfigurations such as open security groups, unencrypted storage, and unauthorized resource provisioning.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top