BSides Atlanta 2022

Cyber Defense with Security as Code
2022-08-27 , Room 402 - "Re-Imagine" track

"Why are things like Deployment Consistency, Automated Scanning, Secrets Management, Configuration Drift, Disaster Recovery, Dynamic Provisioning, and Version Control all so important from a security perspective. For some this may be a rhetorical question with a set of obvious answers, for others, not so much.

As organizations move infrastructure to the cloud, the need for automating processes has become a requirement. No longer can Operations administrators spend countless hours clicking through web interfaces to deploy or configure cloud assets, it is too time consuming and more importantly prone to human error. In most organizations it's the IT Operations teams that are primarily responsible for deploying and configuring these assets and many of these people often have little code development experience. I come from an IT Operations background and want to show you how simple it can be to get started with source control and deploying resources in the Cloud. We will also dive into why we should care from a security perspective and what it means going forward."

David Hall has more than 23 years experience in cybersecurity and IT operations. He is currently a Senior Customer Engineer at Microsoft specializing in cybersecurity. Before joining Microsoft in 2018 he served more than 21 years in the Army as a Signal Warrant Officer. He finished his Army career as an Instructor at the US Army Cyber Center Of Excellence, FT Gordon GA, teaching Microsoft Official curricula. He is also a former collegiate Adjunct Instructor and enjoys sharing knowledge with the community through his blog and YouTube channel at (https://www.cyberautomate.io)