Enterprises find that they have specific requirements imposed by their business, internal policies, or their particular auditors. As an organisation’s cloud environments continue to scale and grow, how do you ensure that the number of growing resources are adhering to your security standards and compliance requirements? In this webinar, we’ll learn about how to use cloud native services such as AWS config and custom config rules, to automate audits in a rapidly changing environment and ensure we achieve continuous detection of existing and newly launched AWS resources along with their levels of compliance to enterprise security requirements.
Security policies and standards can be difficult to decipher by developers or the business. Using a behaviour driven development approach, we can define our security requirements to scenario based tests in Gherkin, making it easy for developers and the business to understand the requirement. Security Operations teams or developers can then build scenario based tests as well as develop the associated lambda function for their custom Config Rule. The Rules Development Kit (RDK) for Config Rules is an open-source command-line utility designed to help you shorten the development time of custom Config Rules by up to 5 times. In this session, we’ll cover how to use the RDK to write unit tests and build the lambda functions for the custom Config Rule in python, and ensure it behaves as per our requirements defined in Gherkin.