DevConf.CZ 2020

Do you want to automate security compliance to comply with not only industry standard security standards, but also to adhere to your organization’s specific security policies? In this workshop, you’ll learn how OpenSCAP and ComplianceAsCode project can help you to automate security compliance. You will:
- Learn about the ComplianceAsCode project to build security content from the source.
- Learn the basics of automated security scanning and remediations using OpenSCAP security scanner.
- Customize provided existing security content using SCAP Workbench.
- Create your own security policy from scratch.
- Learn about the Open Vulnerability and Assessment Language (OVAL) to write automated configurable security checks.
- Learn how to use Ansible with the ComplianceAsCode project to generate Ansible playbooks.

Note: Please bring your Laptop. This workshop is a self-paced lab with short introduction and instructor assistance.