Please log in to watch this conference skillscast.
An event-driven architecture uses events to trigger targets and communicate between decoupled services to achieve massive scale and flexibility.
This architectural pattern can also be applied to security as code. When applying this event-driven security architecture pattern, you can automatically detect security devitations and trigger automated security remediations. This security infrastructure can be defined as code and deployed as part of a continuous delivery pipeline.
In this session, Paul Duvall, a founder and former CTO of an AWS Premier Consulting Provider and an AWS DevTools Hero, will discuss and demonstrate scalable architectures that integrate Amazon EventBridge, AWS Config Rules, AWS Lambda, AWS Systems Manager, and AWS Step Functions to detect and remediate security deviations across an AWS environment. What’s more, you will see how to automate the deployment pipeline that provisions these security resources as code.
YOU MAY ALSO LIKE:
- Hands‑on Microservices Architecture and Design Workshop with Chris Richardson (Online Workshop on 7th - 17th June 2022)
- Intermediate Docker with Matt Saunders (Online Workshop on 3rd - 6th October 2022)
- YOW! London: In-Person (in London on 22nd - 23rd September 2022)
- YOW! London: Online (Online Conference on 22nd - 23rd September 2022)
- How to Use Powerful Rituals for More Success (Online Meetup on 12th July 2022)
- Security as Code: A DevSecOps Approach (SkillsCast recorded in February 2022)
- Software Architecture in a DevOps World (SkillsCast recorded in February 2022)
Event-Driven Security Detection and Remediation as Code
Paul Duvall is a founder and former CTO of an AWS Premier Consulting Provider with the DevOps and Security Competencies. He holds multiple AWS certifications and has architected, implemented, and managed software and systems solutions for over 20 years. He is principal author of Continuous Integration: Improving Software Quality and Reducing Risk (Addison-Wesley, 2007), a 2008 Jolt Award Winner.
He is also the author of many other publications including Continuous Compliance on AWS and Continuous Encryption on AWS, and Continuous Security on AWS which are part of Addison-Wesley's DevSecOps on AWS Series. He hosted the DevOps on AWS Radio podcast for over three years.
He enjoys blogging and speaking on all topics related to DevSecOps, Serverless, and AWS.