Untangling OPA Security for Cloud Native Stacks

Open Policy Agent (OPA) allows us to reign in security management across the cloud native stack. OPA hooks into your deployment pipeline and understands your core primitives in a cloud-native world such as your microservices, Kubernetes, cloud IaaS/PaaS, and service mesh architectures. While this all sounds great, it can get messy pretty quickly as your systems increase in complexity and your OPA policies expand. This presentation explores managing OPA policies as code, and demonstrates verification techniques to understand the relationships between policy rules and your services and software-defined architecture.


Jack Mannino

CEO @nVisium

Jack is the CEO at nVisium and loves solving problems in the field of application security. With experience building, breaking, and securing software, he founded nVisium in 2009 to invent new and more efficient ways of protecting software. He focuses on solutions for making secure development scale within the SDLC.

Find Jack Mannino at:


Learn more about the organizations that joined us on this journey