Cloud Security in CI/CD with AWS CodePipeline, AWS CloudFormation & Fugue

Logo
Presented by

Aidan O'Connor, Senior Solutions Engineer, at Fugue-A part of Snyk

About this talk

Recently, Fugue explored how cloud engineering and DevOps teams can use Fugue to check the security of infrastructure as code (IaC)—and running cloud environments—using the same set of policies. In this session, Aidan O'Connor will focus specifically on performing security checks on AWS CloudFormation IaC for AWS in AWS CodePipeline. Aidan will cover using policy as code (Open Policy Agent) and Fugue to automatically check for misconfigurations in CloudFormation (JSON and YAML), and options for how to handle violations. What Attendees Will Learn Leveraging Fugue’s pre-built cloud security and compliance rules for CloudFormation security Integrating automated IaC security checks in CI/CD workflows using AWS CodePipeline Extending cloud security coverage to your AWS runtime environment using the same policies
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (26)
Subscribers (2869)
Snyk (pronounced sneak) is a developer security platform for securing custom code, open source dependencies, containers, and cloud infrastructure all from a single platform. Snyk’s developer security solutions enable modern applications to be built securely, empowering developers to own and build security for the whole application, from code & open source to containers & cloud infrastructure. Secure while you code in your IDE: find issues quickly using the scanner, fix issues easily with remediation advice, verify the updated code. Integrate your source code repositories to secure applications: integrate a repository to find issues, prioritize with context, fix & merge. Secure your containers as you build, throughout the SDLC: start fixing containers as soon as your write a Dockerfile, continuously monitor container images throughout their lifecycle, and prioritize with context. Secure build and deployment pipelines: Integrate natively with your CI/CD tool, configure your rules, find & fix issues in your application, and monitor your applications. Secure your apps quickly with Snyk’s vulnerability scanning and automated fixes - Try for Free!