Security as Code

In a fast moving DevOps world it is all about enabling teams to move faster. Autonomy is key to get to a higher pace of innovation. But… Does autonomy mean that everybody can do everything? Even on production? Definitely not, but how do you balance between autonomy and restictions. When it comes to security and permissions this is a hard topic. How do you (or the security officer) keep track if everything is compliant? How can you restrict permissions without killing the speed and autonomy of your development teams?

Like with everything else in our industry, code is the answer. In this session Geert and Rene will tell you about their ideas of implementing Security as Code. How thinking about security in a different way can avoid manual security settings and avoids configuration drift in the future. They will show you the open source library they are creating to achieve this goal and talk about how they implemented these principles at several companies.



Geert van der Cruijsen


Geert van der Cruijsen is a Mobile First, Cloud First Architect & Consultant working for Xpirit. He helps his customers make the step to adopt an engineering culture and improve their modern


Rene van Osnabrugge

My name is René van Osnabrugge. I work as DevOps Consultant at Xpirit. My personal motto is: “Continuous improvement!” I seek challenge in the fact that there is always a better way. I ...