Kendall Moore
I spent 5 years as an NSA DevOps Engineer where I focused on automating OS hardening to federal compliance standards. Following NSA, I spent 8 years as a certified Puppet consultant primarily focusing on large, highly regulated industries. Now as CTO of Sicura, I focus on automating secure infrastructure so that engineers can continue to be efficient at building security into their environments at scale.
Sessions
Managing compliance in infrastructure as code environments is essential but can be daunting. Enter compliance_engine, a new open-source Ruby gem designed to streamline the mapping of compliance standards to Puppet code. Building on the foundation of SIMP's compliance_markup, this reimagined backend prioritizes performance, flexibility, and maintainability.
In this session, we’ll explore the evolution from compliance_markup to compliance_engine, highlighting the architectural improvements that make it faster and easier to use. We’ll dive into real-world examples, demonstrating how the gem simplifies the enforcement of compliance policies, reduces complexity, and supports emerging standards. Attendees will gain insights into the challenges of implementing compliance as code and learn how compliance_engine can transform their approach to regulatory compliance in Puppet environments.