{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreieabwee425hxt56zsfclvqtsjkrrq6qp4ckz2h6bzk3nsjbjjifla",
    "uri": "at://did:plc:gapzbf5nl5wxaqkqoecaeawh/app.bsky.feed.post/3mhxm2wgd3tr2"
  },
  "path": "/security-as-code-is-becoming-the-new-baseline-continuous-compliance-in-devops/",
  "publishedAt": "2026-03-26T06:04:53.000Z",
  "site": "https://devops.com",
  "tags": [
    "AI",
    "Blogs",
    "Contributed Content",
    "DevOps Practice",
    "Social - Facebook",
    "Social - LinkedIn",
    "Social - X",
    "admission control Kubernetes",
    "automated audit logs",
    "CIS benchmarks automation",
    "Cloud-native governance",
    "continuous compliance",
    "devsecops automation",
    "DORA compliance DevOps",
    "EU Cyber Resilience Act security",
    "infrastructure as code security",
    "platform engineering security",
    "policy as code",
    "Rego policy enforcement",
    "Security as Code 2026",
    "security feedback loops",
    "SOC 2 continuous monitoring"
  ],
  "textContent": "There was a time when compliance meant a quarterly ritual. Someone from security would walk over with a spreadsheet, ask a few questions, tick a few boxes and disappear until the next audit cycle. The infrastructure team would scramble to prove that yes, encryption was enabled, and no, that S3 bucket was not public anymore. Everyone felt relieved, […]",
  "title": "Security as Code is Becoming the New Baseline: Continuous Compliance in DevOps"
}