In this session we will talk about shift-left cloud security by executing static IaC analysis in the SDLC as well as where IaC scan sits in the CI/CD pipeline. We will introduce languages and tools such as Rego, CodeQL and Semgrep and deep dive into the code used to check your cloud provisioning code with step-by-step examples. Be prepared for navigating through predicate logic, Abstract Syntax Tree and Control Flow Analysis!
Other content in this Stream
28:25
Raising your AWS security posture with operational excellence
As organizations move to cloud, they need to build better visibility and security into their workflows. This session will introduce native AWS security services and use cases, along with best practice
28:09
Securely managing identities and access in AWS
Using AWS Identity Services to securely manage your access can make a big difference.
26:59
Data storage and protection on AWS (featuring LeapXpert)
If you want to discover how to innovate faster, safer and more securely with your data on AWS, this is the session for you.
29:25
Increase the cyber resilience efficiency by Threat Modelling
This session will examine the latest threat trends and updates on Hong Kong regulatory requirements.