In many organizations, security policy is enforced during or after deployment, often through manual actions performed by security experts. Given the reliance on manual processes and people with the right expertise, it is very difficult to ensure that deployed infrastructure meets security guidelines. It’s an even bigger problem as modern development teams increase their build and release velocity.
Policy as Code shifts the burden of enforcing security policy to automated processes run during the build process, ensuring consistent enforcement of the security policy prior to deployment. This helps teams accelerate release velocity by increasing automation and repeatability, while also improving security and visibility.