Upcoming events

New York

October 15–17, 2025

Berlin

November 3–4, 2025

London

June 2–3, 2026

Meetups

Painless compliance, and a thousand audits a day

Turn compliance into code: automate audits, integrate with CI/CD, and achieve painless, continuous, zero-drama compliance.

Speakers: Germán Fuentes Capella

Germán Fuentes Capella – LeadDev Berlin 2025 Hero

Register or log in to access this video

Create an account to access our free engineering leadership content, free online events and to receive our weekly email newsletter. We will also keep you up to date with LeadDev events.

Register with google

We have linked your account and just need a few more details to complete your registration:

Terms and conditions

 

 

Enter your email address to reset your password.

 

A link has been emailed to you - check your inbox.



Don't have an account? Click here to register
November 14, 2025

What if audits weren’t painful, but automatic? Discover how to turn compliance into code, eliminate fire drills, and run a thousand audits a day, without breaking a sweat.

We deploy code a thousand times a day, yet when it comes to compliance we still use spreadsheets like it is 1985. Endless paperwork. Manual reviews. Last-minute fire drills. We’ve all been there.

It does not have to be this way.

This talk challenges that status quo. It introduces a practical, forward-thinking approach where compliance is automated, seamlessly integrated into CI/CD pipelines, and capable of detecting risks in real time. Where engineers get instant feedback without switching context. Where compliance is just part of the dev flow, not a blocker at the end of it.

So, what does painless compliance actually look like?

First, we need to treat compliance the same way we treat customer requirements: as features. Not as 400-page PDFs filled with legalese, but as clear, structured requirements defined in our own language, tailored to our systems. When we do this, we unlock real conversations, reduce ambiguity, and make compliance understandable and actionable.

Next comes the magic: automated validation. It’s not enough to say we’ve implemented a control, we need to prove it, continuously. If storage encryption is required, we don’t just enable it. We generate dashboards that prove it’s working. We build reports that our compliance teams can take straight into the audit, with no disruption to engineering.

And we monitor it. If something goes out of compliance, be it unencrypted storage or misconfigured access, we get alerted immediately. No surprises, no scrambling before an audit.

And here’s the best part: if you’re in the cloud, you already have everything you need to do this today.

A thousand audits a day. One click. Zero drama. Not only is it possible, it’s the future. Let’s build it.

Key takeaways

  • Compliance can be automated
  • Treat compliance as a product requirement
  • Prove, don’t just implement
  • Empower engineers with instant feedback
  • You already have the tools
Slides

About the speaker

  • Germán Fuentes Capella
    Germán Fuentes Capella

    Germán Fuentes Capella is a CISO focused on automation, with 15 years of experience working in FinTech companies across Europe.

More like this

Jinal Hitesh Mehta - LDX NYC 2025 talk

Supply chain: Data infrastructure pipeline

Discover how modern data pipelines transform supply chains, enabling real-time insights, improving data quality, and optimizing logistics through advanced analytics.

Leo Romanovsky - LDX NYC 2025 talk
Content sponsored by Eppo

Developing and supporting 12 SDKs with a team of 3

How Eppo by Datadog runs a dozen production SDKs with only a team of three, by treating them as a platform – not twelve separate codebases.

Meri Williams - LD NYC 2025 talk (2)

Tackling tech debt

A seasoned CTO shares strategies and lessons on identifying, communicating, and effectively tackling tech debt across diverse companies.

André Henry - LeadingEng New York 2025

Build features, not fragile foundations

Learn how to balance feature delivery with technical debt reduction to maintain system health, velocity, and long-term stability.