Agile + DevOps East 2023 Concurrent Session : Continuous Security Compliance Realized: Reducing the Regulatory Burden with DevSecOps Automation

Conference archive


Wednesday, November 8, 2023 - 3:00pm to 4:00pm

Continuous Security Compliance Realized: Reducing the Regulatory Burden with DevSecOps Automation

Most organizations are subject to the rules of an ever-increasing number of regulations, while dealing with rapidly escalating endpoints and environments to test. No matter the time and resources applied to an external assessment or audit, manual processes cannot keep pace with cloud scale and growing technical complexity of modern environments. This creates distractions for technical teams and contributes to delivery inefficiencies (reduced velocity) while also increasing the risk of “non-compliance” (adverse audit findings). A “continuous compliance” approach, empowered by modern DevOps automation approaches can help teams more efficiently handle the complex web of regulatory requirements and maintain their velocity. This session will explore real world solutions to help you and your organization realize these benefits, including managing the library of regulatory, security, and other key control points as code; detecting non-compliance with policies and regulatory requirements continuously and in real time; prioritizing issues for remediation across the entire fleet to help optimize engineering resource utilization; and automating the presentation of audit evidence to provide results at any time and with minimal effort. In addition to a discussion of these concepts and approaches, this session will also provide an exclusive demonstration of compliance automation for the recently-released PCI DSS V4.0 security standard, utilizing Chef Compliance to embed compliance into the software pipeline.


Wilson Tarleton is the global leader for Protiviti’s Platform Engineering Team within the Technology Service and Modern Delivery practice specializing in DevOps tooling, optimization, Internal Development Platforms (IDP), and abstraction layer automation. Wilson leads the Protiviti partnership with Progress Chef, specializing in Infrastructure as Code, Compliance as Code, and application deployment/container & Kubernetes automation. Based in Atlanta, Wilson leads the Platform Engineering Team's advisory practice, as well as architecture and development of Protiviti's Platform Engineering Lab hosted on Azure. Wilson has over 24 years of IT engineering and IT Service Management experience across financial services, telecommunications and manufacturing industries.