Solving security issues in public cloud at Salesforce’s scale is only possible by investing heavily in automation, establishing guardrails, and making security easier for developers.
Salesforce’s Infrastructure Security initiatives focus on shifting security left via automation and establishing preventative security controls to eliminate holes in the environment before they appear.
In this talk, attendees will learn how we prevent systemic security issues at scale, limit Privilege Escalation opportunities, and reduce the blast radius in the case of a security breach. We will share our lessons learned from working as a cross-functional security team, embedding with engineering teams to uplift our security posture in new and innovative ways.
We will cover how our initiatives in AWS Service Control Policies, AWS IAM automation, Open Policy Agent, and Cloudsplaining OSS make security easier for developers and the principles that have been critical to our success.