Securing platform engineering: Embedding security controls, policies, and monitoring by design

Krishna Chaitanya Rudraraju shares a practical framework for integrating security into platform engineering by design. Drawing on experience with securing cloud-native environments, Rudraraju outlines how Policy-as-Code tools, such as ARM templates, CloudFormation, and Terraform, can enforce consistent security and prevent misconfigurations across diverse cloud providers. The session also covers best practices for implementing IAM, RBAC, and Zero Trust architectures to minimize unauthorized access while maintaining scalability. Rudraraju explores the role of automated compliance and runtime observability using tools like eBPF and OpenTelemetry to monitor workloads and detect anomalies in real time. Attendees will gain a clear understanding of how to embed security into infrastructure and platform workflows, ensuring systems remain secure and compliant while enabling fast, reliable delivery. Learn more: https://platformcon.com/sessions/securing-platform-engineering-embedding-security-controls-policies-and-monitoring-by-design