Automating Infrastructure as Code best practices with ARM and Checkov | Azure Thames Valley – YouTube

The security function in most development environments is broken. With engineers focused on features and DevOps allowing them to move rapidly and self-provision around their own hurdles, it’s impossible for reactive, traditional security tools to keep up with an ever changing production environment. Even with a security engineer within the team, the chance of catching every bad-default in Terraform, an accidental “False” that needed to be true in ARM, or hidden * in a wide-open access policy is next to impossible with the ever growing suite of cloud services.

In this talk, we’ll show how, (with very little effort) to shift security left into code, enabling automated scanning and highlighting of security risks at build time, with helpful remediation advice for all. Knowing is the first step to improving, and automation makes knowing easy. You bring your CI pipeline, we’ll show you how.

Like this episode? Please like the video, subscribe to the channel and hit the notification bell so that you know as soon as there’s new content!.

Listen in on
YouTube – –
Google Podcasts –
Apple Podcasts –
PocketCasts –
Spotify –
Stitcher –

Want to be a guest?
Have a topic suggestion? Create a GitHub issue at

Don’t forget to like and mention us on Facebook at
Prefer Twitter? Then give us a like and a retweet over at


Author: Chris Reddington

Share This Post On