Menu

As informações desta página não estão completamente disponíveis no seu idioma de escolha. Esperamos disponibiliza-las integralmente em outros idiomas em breve. Para ter acesso às informações no idioma de sua preferência, faça o download do PDF aqui.

Técnicas

Analisador automatizado da configuração de infraestrutura

NOT ON THE CURRENT EDITION
This blip is not on the current edition of the radar. If it was on one of the last few editions it is likely that it is still relevant. If the blip is older it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the radarUnderstand more
Apr 2019
Experimente?

Já há algum tempo recomendamos um maior controle do time de desenvolvimento sobre toda sua stack, incluindo a infraestrutura. Isso significa maior responsabilidade do próprio time de desenvolvimento para configurar a infraestrutura de maneira segura, protegida e em conformidade com padrões da organização. Ao adotar estratégias de nuvem, a maioria das organizações usa como padrão uma configuração bem controlada e centralizada para reduzir riscos, mas isso também cria gargalos substanciais de produtividade. Uma abordagem alternativa é permitir que os times gerenciem sua própria configuração e usem um analisador automatizado da configuração de infraestrutura para garantir que a configuração seja definida de maneira segura e protegida. As opções incluem analisadores de código aberto, como prowler para AWS e kube-bench para Kubernetes. Para uma detecção mais contínua, vale a pena olhar para plataformas de nuvem como a AWS Config Rules, entre outros serviços comerciais.

Nov 2018
Avalie?

For some time now we've recommended increased delivery team ownership of their entire stack, including infrastructure. This means increased responsibility in the delivery team itself for configuring infrastructure in a safe, secure, and compliant way. When adopting cloud strategies, most organizations default to a tightly locked-down and centrally managed configuration to reduce risk, but this also creates substantial productivity bottlenecks. An alternative approach is to allow teams to manage their own configuration, and use an Infrastructure configuration scanner to ensure the configuration is set in a safe and secure way. Watchmen is an interesting tool, built to provide rule-driven assurance of AWS account configurations that are owned and operated independently by delivery teams. Scout2 is another example of configuration scanning to support secure compliance.

May 2018
Avalie?

For some time now we've recommended increased delivery team ownership of their entire stack, including infrastructure. This means increased responsibility in the delivery team itself for configuring infrastructure in a safe, secure, and compliant way. When adopting cloud strategies, most organizations default to a tightly locked-down and centrally managed configuration to reduce risk, but this also creates substantial productivity bottlenecks. An alternative approach is to allow teams to manage their own configuration, and use an Infrastructure configuration scanner to ensure the configuration is set in a safe and secure way. Watchmen is an interesting tool, built to provide rule-driven assurance of AWS account configurations that are owned and operated independently by delivery teams. Scout2 is another example of configuration scanning to support secure compliance.