DevSecOps Workflow With Automated Inspec
Inspec is a platform-agnostic tool, built on rspec, used to check live-systems for policy compliance. Onyx Point has been working on building a STIG profile to supplement the Scap Security Guide, and have written custom helpers to run the profile(s) automatically as part of an acceptance suite. In this session, Onyx Point will discuss compliance, security, DevOps, and specifically how users could integrate Inspec profiles to begin a migration from DevOps to DevSecOps. More specifically, the presentation will answer the following questions:
– What does Onyx Point do?
– What is compliance and how does it relate to security?
– Why should you care about compliance and Who does it affect?
– Where does compliance/security fit into the DevOps cycle?
– How do you implement DevSecOps?
– When can you implement it?
BTree is proud to host this event at its Herndon, VA facility. Please join us at this meetup to learn, share knowledge and network with DevSecOps community in the region. Food and drinks will be provided at the event.
Look forward to meeting all of you at the event. Do share this meetup with your friends as well so that they can benefit too from the learnings.