Conf42: Cloud Native 2022

...

Open Policy Agent as a Control Engine

David Melamed
Co-Founder & CTO @ Jit

David Melamed's LinkedIn account David Melamed's twitter account


In this talk we will focus on four critical security controls that will be integrated as part of the CI/CD pipeline: static application security (SAST), dependency check (SCA), infrastructure as code (IaC) and dynamic application security (DAST). Anything from your Terraform deletes to code vulnerabilities, infrastructure misconfigurations and more can be operationalized and enforced through OPA and ArgoCD or even other GitOps methods and CI tools like Github Actions. Code examples will be showcased as part of this session.

Open Policy Agent has become a very popular project in the Kubernetes ecosystem for finer-grained policy management and enforcement. OPA comes with a very convenient dev-friendly language called Rego that can be leveraged as a unified way to manage any deployment changes at scale.

In this talk we will focus on four critical security controls that will be integrated as part of the CI/CD pipeline: static application security (SAST), dependency check (SCA), infrastructure as code (IaC) and dynamic application security (DAST). Anything from your Terraform deletes to code vulnerabilities, infrastructure misconfigurations and more can be operationalized and enforced through OPA and ArgoCD. Code examples will be showcased as part of this session.

Awesome conferences for

Priority access to all content

Community Discord

Exclusive promotions and giveaways