Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Shift-Left Infrastructure Compliance Testing

Mrinal Mukherjee
March 04, 2017
Technology
0
89

Shift-Left Infrastructure Compliance Testing

Talk and demo presented at the Test Automation Meetup at the TradeMe office in Wellington on 2nd March 2017.

Mrinal Mukherjee

March 04, 2017
Tweet

More Decks by Mrinal Mukherjee

See All by Mrinal Mukherjee
IgniteTalk_DevOpsDayNZ_How to select a DevOps tool
mukherjee_mk
0
38

Other Decks in Technology

See All in Technology
VSCodeの拡張機能を作っている話
ebarakazuhiro
1
500
[新卒向け研修資料] テスト文字列に「うんこ」と入れるな(2024年版)
infiniteloop_inc
4
16k
LLM開発・活用の舞台裏@2024.04.25
yushin_n
1
340
元インフラエンジニアに成る / Human Resources to Human Relations
bobtani
4
920
JSON攻略法.pdf
miyakemito
8
5.1k
アクセシビリティを考慮したUI/CSSフレームワーク・ライブラリ選定
yajihum
2
1k
Cloud Native Java with Spring Boot (CNCF Aarhus, April 2024)
thomasvitale
1
170
一生覚えておきたい「システム開発=コミュニケーション」〜初めての実務案件振り返りLT〜
maimyyym
1
150
ServiceNow Knowledge 24の歩き方 EYストラテジー・アンド・コンサルティング
manarobot
0
200
ServiceNow Knowledge Learning Rise up
manarobot
0
210
ゼロから始めるVue.jsコミュニティ貢献 / first-vuejs-community-contribution-link-and-motivation
lmi
1
130
Google Cloud の AI を支える裏側のインフラを垣間見る!
maroon1st
0
350

Featured

See All Featured
Imperfection Machines: The Place of Print at Facebook
scottboms
260
12k
Testing 201, or: Great Expectations
jmmastey
28
6.4k
Docker and Python
trallard
34
2.7k
Intergalactic Javascript Robots from Outer Space
tanoku
266
26k
Automating Front-end Workflow
addyosmani
1356
200k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
34
8.9k
YesSQL, Process and Tooling at Scale
rocio
164
13k
It's Worth the Effort
3n
180
27k
Teambox: Starting and Learning
jrom
128
8.4k
Visualization
eitanlees
136
14k
Navigating Team Friction
lara
178
13k
The Language of Interfaces
destraynor
151
23k

Transcript

  1. Mrinal Mukherjee Sr. Consultant - Technology mukherjee_mk https://www.linkedin.com/in/mrinalmukherjee

  2. None

  3. Infrastructure Compliance? - Secure IT Infrastructure from malicious attacks -

    Uniform configurations across IT Infrastructure - Industry standards (PCI, CSI) are enforced

  4. The world of surprises! - Manual compliance validation - Irregular

    cadence of compliance validation - Remediation is costly - A bit too late at times!

  5. Shift-Left Infrastructure Compliance - Embed infrastructure compliance in delivery pipeline

    - Detect compliance issues earlier - fix them earlier - Avoid surprises at a later stage!

  6. Inspec - Compliance as Code - Open-source testing framework -

    Specify compliance, security and policy requirements - Command-line Interface (CLI)

  7. Demo

  8. Chef Compliance - Checks infrastructure for compliance rules - Doesn’t

    need Chef software to run on the VMs under test - Prebuilt (CIS) and custom ‘Compliance Profiles’ - Continuously monitor compliance - Audit reports and analytics - Integrates with Inspec - Can be invoked from a ‘stage’ of a CI system