We are living in the age of the App where the term "low-level" likely refers to APIs instead of networks. In the world where public cloud is becoming the default, it's easy to forget how we got to a place where network access and availability is a given and you can build a successful startup without ever plugging in a server (or knowing what actually plugs in to a server for that matter). As organizations continue to adapt to this rapidly changing environment, a myriad of technology solutions create a complex support environment. We will discuss the intersection between DevOps culture and defense-in-depth from the infrastructure automation perspective, addressing common security concerns and mitigating approaches. Throughout the talk we keep in mind that customers and developers alike are all end-users of the complex systems we build and maintain.