DEV Community

3 2

The perils of configuration security

A MyDevSecOps live session from Feb 26, 2020 by Gareth Rushgrove

With the growth of cloud and API-driven infrastructure, came infrastructure as code. This movement shifted the management of configuration from a mainly hidden part of IT, to a larger and more explicit part of software development. If you’re not writing YAML files you’re probably writing tools to write YAML files.

But an incorrectly configured application can have an outsized impact on the common security challenges of confidentiality, integrity and availability.

In this discussion we’ll look at:

  • Examples of real-world hacks related to configuration issues

  • The problems found in projects like Kubernetes that have a large configuration surface area

  • What it looks like to apply application security approaches to infrastructure as code

  • Demos of tools that are emerging to help test configuration

This session should be of interest to developers and operators struggling with the explosion of configuration as well as security analysts interested in the higher level emerging problem of configuration security.

Image of Datadog

The Future of AI, LLMs, and Observability on Google Cloud

Datadog sat down with Google’s Director of AI to discuss the current and future states of AI, ML, and LLMs on Google Cloud. Discover 7 key insights for technical leaders, covering everything from upskilling teams to observability best practices

Learn More

Top comments (0)

Image of Datadog

Create and maintain end-to-end frontend tests

Learn best practices on creating frontend tests, testing on-premise apps, integrating tests into your CI/CD pipeline, and using Datadog’s testing tunnel.

Download The Guide

πŸ‘‹ Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay