Moving fast and breaking things are at the core of modern software culture. This idea sounds great on paper, however it conflicts with ever-growing compliance and security demands. How could we move fast and maintain a strong foundation of security in our organization?

Git Ops has emerged as the winning framework for fast iteration. We will discuss how we can integrate security tools into our Git Ops pipelines and confidently deploy code and infrastructure changes to production hundreds of times per day.

The following topics will be discussed:
- Securing Terraform from human mistakes using policy agents and static code analysis tools
- Protecting our Kubernetes clusters from misconfiguration using admission controllers
- Building application authorization with policy-as-code
- We will demonstrate these topics using open source tools such: OPA, datree, checkov, OPAL, Zanzibar