In today's fast paced digital environment where your ability to compete depends on your rate of innovation, how are companies balancing the need to innovate against the need to comply with regulatory obligations across a complex landscape of applications and controls? How do we free our developers from the burden of point in time control assurance activities and transition to a seamless continuous compliance regime? What if we could apply the security policies implicitly across the SDLC and generate evidence automatically as code is built, deployed and propagated across environments, with real-time telemetry of security enforcement and control effectiveness? We will explore some strategies on how to achieve continuous real-time compliance at enterprise scale and hear from Keysight on their transformation journey.