Explore secure infrastructure as code practices in this 45-minute conference talk from GOTO Chicago 2023. Learn how to implement policy as code for provisioning and configuring secure infrastructure. Dive into patterns, examples, and limitations of testing infrastructure security before deployment. Follow along with demos on static and dynamic analysis, catching commits, and system configuration. Gain insights on OWASP secure coding practices applied to infrastructure as code, and discover essential techniques for writing and testing secure infrastructure. Perfect for infra engineers and cloud explorers looking to enhance their security knowledge in the realm of infrastructure as code.