In this episode of The Landscape, we talk with Anca Sailer, Distinguished Engineer at IBM, about the challenges of compliance in regulated environments—and how cloud-native tools are evolving to help. Anca introduces OSCAL Compass, a CNCF sandbox project that helps organizations automate continuous compliance using compliance-as-code principles. As regulatory demands grow in AI, finance, and cybersecurity, many teams are moving from quarterly audits to validating compliance every 12 hours. OSCAL Compass provides an SDK and authoring platform for the OSCAL standard, letting teams generate machine-readable artifacts and deploy them through policy engines like Kyverno and OPA. For startups hoping to serve regulated industries, Anca emphasizes the importance of choosing the right policy engine based on domain-specific needs and policy types—whether configuration-driven or audit-based.
