The adoption of infrastructure as code (IaC) practices to help automate IT operations has really taken hold in recent years. Traditional security approaches typically slow down software development life cycle and can evaporate the benefits of using IaC. A vulnerability or a misconfiguration could have a cascading impact, across multiple workloads and deployments that could enable a potential attacker to cause a lot of damage. The security-as-code approach can help to change that mindset by working with developers in a language they understand: code.”]