Less risky business: a way to reduce cloud native provisioning issues

Sangam Biradar 

Advocacy Manager, Tenable


National Vulnerability Database statistics

Provisioning Layer In Cloud Native 

Cloud misconfiguration is still a big security problem ...

OPA - Open Policy Agent

What is Policy?

  • A policy consists of rules. We can query these policies to make decisions.
  • From a programmer's perspective, it is just a decision-making statement, e.g. if-else.
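
The idea above, modelled as an added Python example (not OPA or Terrascan code, and not from the original slides): each policy is a rule with a severity, and a query over Kubernetes manifests returns the decisions plus a severity summary. The rule names, severities and sample manifests are assumptions constructed for illustration.

```python
from collections import Counter

def containers(resource):
    """Return container specs from a Pod or a Deployment-style manifest."""
    spec = resource.get("spec", {})
    pod_spec = spec.get("template", {}).get("spec", spec)
    return pod_spec.get("containers", [])

# Rules: each returns True when the resource violates the policy.
def privileged(resource):
    return any(c.get("securityContext", {}).get("privileged") is True
               for c in containers(resource))

def unpinned_image(resource):
    for c in containers(resource):
        name = c.get("image", "").rsplit("/", 1)[-1]  # drop registry[:port]/path
        if "@" not in name and (":" not in name or name.endswith(":latest")):
            return True
    return False

def no_limits(resource):
    return any("limits" not in c.get("resources", {}) for c in containers(resource))

# Hypothetical rule names and severities, not Terrascan's built-in policy set.
POLICIES = [
    ("privilegedContainer", "High", privileged),
    ("unpinnedImageTag", "Medium", unpinned_image),
    ("noResourceLimits", "Low", no_limits),
]

def evaluate(resources):
    """Query every policy against every resource; return violations and a summary."""
    violations = [(r["metadata"]["name"], name, sev)
                  for r in resources for name, sev, rule in POLICIES if rule(r)]
    violated = {name for _, name, _ in violations}
    summary = Counter(sev for name, sev, _ in POLICIES if name in violated)
    summary["Policies Validated"] = len(POLICIES)
    summary["Violated Policies"] = len(violated)
    return violations, dict(summary)

# Constructed sample manifests (already parsed from YAML into dicts).
MANIFESTS = [
    {"kind": "Pod", "metadata": {"name": "debug"},
     "spec": {"containers": [{"name": "sh", "image": "busybox",
                              "securityContext": {"privileged": True}}]}},
    {"kind": "Deployment", "metadata": {"name": "web"},
     "spec": {"template": {"spec": {"containers": [
         {"name": "web", "image": "registry.example:5000/web:1.4.2",
          "resources": {"limits": {"memory": "128Mi"}}}]}}}},
]
```

The "debug" Pod violates all three rules, while the "web" Deployment, with a pinned tag and resource limits, passes every one.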

What Does OPA Bring to the Table?

How Does OPA Work?

Fix cloud misconfigurations & other security exposures

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Key features

Demo1 - Secure Terraform Misconfiguration with Terrascan

Demo2 - Secure Kubernetes app

Scan Summary -

        File/Folder         :   /Users/sangam/Documents/GitHub/alldaydevops2021/vul-k0s-helm-docker/kubeyaml
        IaC Type            :   k8s
        Scanned At          :   2021-10-18 08:08:30.920245 +0000 UTC
        Policies Validated  :   41
        Violated Policies   :   27
        Low                 :   9
        Medium              :   14
        High                :   4

Demo3 - Use Terrascan Rego Editor to Write Your Own Policies

Thank You!



If you like this open source project, give it a star on GitHub.