Securing Ad Hoc Mutable Infrastructure

Cloud service adoption is increasing across organizations, from startups to massive enterprises. Manual manipulation and an inability to track changes throughout an environment causes a myriad of connectivity and complexity unknowns, resulting in significant difficulties in managing and auditing the security of cloud services. Securing these environments can be challenging and sometimes impossible. This talk focuses on eliminating many problems associated with traditional deployment with adding secure code reviews on infrastructure, secure secret storage, ad hod network routes, extremely restrictive access controls, and the ability to destroy and redeploy any system via automation technologies such as Packer, Vault, and Terraform.