Track A: Crafting Comprehensive Cloud Compliance
Whether you are formally regulated or are simply looking to demonstrate your commitment to security and governance with best practice guidance, Infrastructure-as-a-Service and Platform-as-a-Service offerings provide unique governance challenges. These platforms offer a wide array of services, each with their own security controls that must be continuously tested against a trusted standard. At the same time, public cloud platforms also host more traditional services such as virtual machines, containers and storage buckets, where risks including old unpatched software - and hence vulnerabilities, sloppy credentials embedded in a test script, misplaced PII, or keys that facilitate lateral movement are hiding within your workloads.
Join Patrick Pushor as he discusses how to build fully functional compliance guardrails at both the deep workload and broad cloud services levels with a single, simple approach.