{"id":16,"date":"2022-09-30T23:27:10","date_gmt":"2022-10-01T04:27:10","guid":{"rendered":"https:\/\/waratek.com\/?page_id=16"},"modified":"2023-01-29T15:53:06","modified_gmt":"2023-01-29T21:53:06","slug":"security-as-code","status":"publish","type":"page","link":"https:\/\/waratek.com\/security-as-code\/","title":{"rendered":"Security-as-Code: How to with Modern Development"},"content":{"rendered":"<h2 id=\"anchor-0\"><span data-preserver-spaces=\"true\">What is &#8220;Security-as-Code?&#8221;<\/span><\/h2>\n<p><span data-preserver-spaces=\"true\">Security-as-Code is an Application Security methodology\u00a0for\u00a0utilizing machine-readable definition files that use high-level descriptive coding language to apply immutable and continuous security behavior in the runtime or virtual machine (VM).\u00a0<\/span><\/p>\n<p><span data-preserver-spaces=\"true\">This strategy dramatically reduces the need for human intervention, offers autonomy to security teams, and frees engineers to focus on product development\u00a0rather than vulnerability remediation.<\/span><\/p>\n<p><a href=\"\/wp-content\/uploads\/2022\/10\/security-as-Code.svg\"><img decoding=\"async\" class=\"alignnone size-full wp-image-41\" src=\"\/wp-content\/uploads\/2022\/10\/security-as-Code.svg\" alt=\"\" \/><\/a><\/p>\n<h2 id=\"anchor-1\"><span data-preserver-spaces=\"true\">Why write this book?<\/span><\/h2>\n<p><span data-preserver-spaces=\"true\">There are currently a great many resources available on the internet. However, the concept of &#8220;Security-as-Code&#8221; is still in its infancy, and there is not yet widespread agreement in the Application Security community\u00a0over what precisely this concept entails.<\/span><\/p>\n<p><span data-preserver-spaces=\"true\">The problem with these sites is that their information is disorganized and geared toward the author&#8217;s agenda. There is no prominent place to begin or path to follow to acquire information regarding security as code, and very little of it is objective.<\/span><\/p>\n<p><span data-preserver-spaces=\"true\">While we offer a Security-as-Code platform, we make a conscious effort to represent Security-as-Code honestly and optimistically for what it may be \u2013 not just what we deliver today.<\/span><\/p>\n<p><span data-preserver-spaces=\"true\">Because of this, we decided to write a handbook. This page is your entry point to become an expert in Security as Code, regardless of whether you are just beginning your adventure with Security as Code or are already familiar with the fundamentals.<\/span><\/p>\n<p><span data-preserver-spaces=\"true\">In the following chapters, we will explore the following:<\/span><\/p>\n<ol>\n<li><span data-preserver-spaces=\"true\">Why Security-as-Code is a required evolution of Application Security.<\/span><\/li>\n<li><span data-preserver-spaces=\"true\">Logical characteristics Security-as-Code solutions should include using Infrastructure-as-Code as a reference point.<\/span><\/li>\n<li><span data-preserver-spaces=\"true\">How these solutions change the economics of Application Security forever.<\/span><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"Security-as-Code is the practice of leveraging machine-readable definition files that use high-level descriptive coding language to apply immutable and continuous security behavior in the runtime or VM.","protected":false},"author":1,"featured_media":438,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"template-sac.blade.php","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"class_list":["post-16","page","type-page","status-publish","has-post-thumbnail","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.7 (Yoast SEO v25.4) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Security-as-Code: How to with Modern Development<\/title>\n<meta name=\"description\" content=\"Security-as-Code is an Application Security methodology\u00a0for\u00a0utilizing definition files to apply immutable and continuous security.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/waratek.com\/security-as-code\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security-as-Code: How to with Modern Development | Waratek\" \/>\n<meta property=\"og:description\" content=\"Security-as-Code is the practice of leveraging machine-readable definition files that use high-level descriptive coding language to apply immutable and continuous security behavior in the runtime or VM.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/waratek.com\/security-as-code\/\" \/>\n<meta property=\"og:site_name\" content=\"Waratek\" \/>\n<meta property=\"article:modified_time\" content=\"2023-01-29T21:53:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/social-security-as-code-book.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@waratek\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/waratek.com\/security-as-code\/\",\"url\":\"https:\/\/waratek.com\/security-as-code\/\",\"name\":\"Security-as-Code: How to with Modern Development\",\"isPartOf\":{\"@id\":\"https:\/\/waratek.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/waratek.com\/security-as-code\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/waratek.com\/security-as-code\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/social-security-as-code-book.png\",\"datePublished\":\"2022-10-01T04:27:10+00:00\",\"dateModified\":\"2023-01-29T21:53:06+00:00\",\"description\":\"Security-as-Code is an Application Security methodology\u00a0for\u00a0utilizing definition files to apply immutable and continuous security.\",\"breadcrumb\":{\"@id\":\"https:\/\/waratek.com\/security-as-code\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/waratek.com\/security-as-code\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/waratek.com\/security-as-code\/#primaryimage\",\"url\":\"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/social-security-as-code-book.png\",\"contentUrl\":\"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/social-security-as-code-book.png\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/waratek.com\/security-as-code\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/waratek.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security-as-Code: How to with Modern Development\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/waratek.com\/#website\",\"url\":\"https:\/\/waratek.com\/\",\"name\":\"Waratek\",\"description\":\"Just another WordPress site\",\"publisher\":{\"@id\":\"https:\/\/waratek.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/waratek.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/waratek.com\/#organization\",\"name\":\"Waratek\",\"url\":\"https:\/\/waratek.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/waratek.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/logo-dark-small.png\",\"contentUrl\":\"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/logo-dark-small.png\",\"width\":150,\"height\":31,\"caption\":\"Waratek\"},\"image\":{\"@id\":\"https:\/\/waratek.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/waratek\",\"https:\/\/www.linkedin.com\/company\/waratek-ltd\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Security-as-Code: How to with Modern Development","description":"Security-as-Code is an Application Security methodology\u00a0for\u00a0utilizing definition files to apply immutable and continuous security.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/waratek.com\/security-as-code\/","og_locale":"en_US","og_type":"article","og_title":"Security-as-Code: How to with Modern Development | Waratek","og_description":"Security-as-Code is the practice of leveraging machine-readable definition files that use high-level descriptive coding language to apply immutable and continuous security behavior in the runtime or VM.","og_url":"https:\/\/waratek.com\/security-as-code\/","og_site_name":"Waratek","article_modified_time":"2023-01-29T21:53:06+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/social-security-as-code-book.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@waratek","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/waratek.com\/security-as-code\/","url":"https:\/\/waratek.com\/security-as-code\/","name":"Security-as-Code: How to with Modern Development","isPartOf":{"@id":"https:\/\/waratek.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/waratek.com\/security-as-code\/#primaryimage"},"image":{"@id":"https:\/\/waratek.com\/security-as-code\/#primaryimage"},"thumbnailUrl":"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/social-security-as-code-book.png","datePublished":"2022-10-01T04:27:10+00:00","dateModified":"2023-01-29T21:53:06+00:00","description":"Security-as-Code is an Application Security methodology\u00a0for\u00a0utilizing definition files to apply immutable and continuous security.","breadcrumb":{"@id":"https:\/\/waratek.com\/security-as-code\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/waratek.com\/security-as-code\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/waratek.com\/security-as-code\/#primaryimage","url":"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/social-security-as-code-book.png","contentUrl":"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/social-security-as-code-book.png","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/waratek.com\/security-as-code\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/waratek.com\/"},{"@type":"ListItem","position":2,"name":"Security-as-Code: How to with Modern Development"}]},{"@type":"WebSite","@id":"https:\/\/waratek.com\/#website","url":"https:\/\/waratek.com\/","name":"Waratek","description":"Just another WordPress site","publisher":{"@id":"https:\/\/waratek.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/waratek.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/waratek.com\/#organization","name":"Waratek","url":"https:\/\/waratek.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/waratek.com\/#\/schema\/logo\/image\/","url":"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/logo-dark-small.png","contentUrl":"https:\/\/waratek.com\/wp-content\/uploads\/2022\/10\/logo-dark-small.png","width":150,"height":31,"caption":"Waratek"},"image":{"@id":"https:\/\/waratek.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/waratek","https:\/\/www.linkedin.com\/company\/waratek-ltd"]}]}},"_links":{"self":[{"href":"https:\/\/waratek.com\/wp-json\/wp\/v2\/pages\/16","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/waratek.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/waratek.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/waratek.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/waratek.com\/wp-json\/wp\/v2\/comments?post=16"}],"version-history":[{"count":0,"href":"https:\/\/waratek.com\/wp-json\/wp\/v2\/pages\/16\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/waratek.com\/wp-json\/wp\/v2\/media\/438"}],"wp:attachment":[{"href":"https:\/\/waratek.com\/wp-json\/wp\/v2\/media?parent=16"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}