DevOps and Regulatory Compliance, two critically important ingredients in today’s connected society. The first enables you to move quickly and respond to change in an era where change is increasing at an exponential rate and shows no sign of slowing down. The second protects your organization from exposure from hackers, privacy, and internal corruption and seems to require a slow and methodical approach to risk management. These two ideas appear to be incompatible at first glance, but they actually go together like peanut butter and jelly. While maintaining, analyzing, confirming, and reporting on the status of required information security, compliance, and privacy controls is a difficult and significant task for our industry, integrating it within your DevOps/Continuous Delivery pipeline is easier than you think. Using examples taken from real-world projects in companies just like yours, you will see how to integrate compliance and reporting into your projects using tools such as Pair Programming, Jenkins, Chef, Metasploit, and others. When it comes to compliance, it’s not about Oil and Water, it’s “Peanut Butter Jelly Time”.