Skip to main content

DevSec Collaboration: Enable Developers to Collaborate with Security Teams through Codified Policies

What if your security teams could collaborate directly with your developers by creating policies that ensure safety and compliance, while also giving your developers the ability to manage and update their software delivery workflows and processes? This empowers developers to see, understand and fix policy violations in realtime as they deliver software to production, increasing their velocity while ensuring the company’s safety.

  • Armory’s Policy Engine builds on the popular Open Policy Agent open source project
  • Write simple rules in code to enforce company policies for security and compliance
  • Automate the enforcement of these codified policies with Spinnaker
  • Execution features allow policies to be run before and after pipeline stages, and Persistence features allow policies to be evaluated when a pipeline is saved

Armory engineer Jacob Kobernik explains how Armory Policy Engine makes it possible:

This Armory Policy Engine Plugin works with both open-source Spinnaker as well as Armory’s enterprise distribution of Spinnaker, thanks to our use of the new Spinnaker Plugin Framework.