Publication
Red Hat Summit 2024
Talk

Using automation to mitigate risk and enforce policy compliance

View publication

Abstract

IT organizations are struggling to scale and keep up with the increasing number of regulatory programs, changing controls requirements, and continuous compliance expectations. Automation can help teams automate policies and govern compliance in their regulated environments so that the development experience is tuned to the regulations rules and the applications are systematically validated before deployment. With Ansible pipelines for compliance, teams can now: Complete the validation or enforcement on their controls automatically. Administer remediations or mitigation actions. Gather the required evidence and posture for their audit reports. This technology makes it easier for teams to automate policies and bridge them to compliance to regulate development and deployment. It has flexibility in controls, rules, and policy and actions and can be used by teams without an extended project or deep coding skills. In this session, we'll discuss: How to get started.Policy as code automation via Open Policy Agent (OPA) engine. Compliance as code authoring via Trestle. The solution's flexibility due to its architecture and usability. Join this session to learn more about how to take the next step with your automation strategy.