Compliance as Code

If your business is regulated, you already know compliance is a must-have. But how can you make it easier?

In an All Day DevOps session, Gert Jan van Halem, CTO of Devoteam, discussed compliance as code and covered an example solution that will help you verify your product’s compliance.

What is Compliance?

In general, compliance means conforming to a set of rules that are set for you. As you can see, it’s quite a simple concept.

But while compliance is simple, when it comes to coding products, it’s also critically important—especially nowadays, with the growing number of regulations.

If you search for the word “compliance” on LinkedIn, you’ll see that there’s a demand for professionals who have compliance-related skills.

Why is Compliance Getting So Big? Why Do We Need All These Compliance Professionals?

A long time ago, compliance was simple. You had something that you had to bring into production, and you followed a simple set of rules. Then you delivered it, and it would get inspected.

But slowly and steadily, the rules started to grow, and the regulators kept adding to those rules.

So now you have lots of rules to keep in mind while building your product. And complying with all those rules is difficult. It’s a block in the developer’s way of reaching their final goal of sending the product to production.

But at the end of the day, you still need to be compliant. So developers have to follow the rules.

Awareness of Compliance

Everybody on the team understands that compliance is an important part of the product and of their jobs. They just want to be able to be compliant without a big process.

Everybody is aware of the need for compliance. But in the day-to-day, team members often just (Read more...)

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Pachi Carlson. Read the original post at: https://blog.sonatype.com/compliance-as-code