
How Cloud Native Improves & Ensures Security, Governance, and Trust in Finance - Financial Sector Webinar Series, Episode 03

Watch the recording of this talk.

Trust is vital for financial institutions: it helps attract and retain customers and provides a competitive edge. Compliance and governance are just as crucial, making them fundamental to banking operations. New cloud native tools and practices, like DevSecOps, though seemingly daunting, can actually enhance security and compliance. For example, the shift from long-lasting VMs to short-lived, immutable containers allows applications to be compliant from inception and remain so in production. The integration of application developers in security, as part of DevSecOps initiatives, can further boost security and compliance. But this approach requires new tools and methods. In this third talk, we'll discuss these new tools and methods, such as:

- The use of guard rails and templates to ensure standards are met in containerized applications.
- Tools that facilitate centralized governance and reporting across numerous distributed container workloads.
- Software Bill of Materials (SBOM) creation and automation to ensure a secure software supply chain.

Join financial services veteran Darran Rice and transformation expert Michael Coté to hear how banks are using cloud native tools and practices to ensure security and compliance.

Coté

July 11, 2023
Transcript

  1. Confidential │ © VMware, Inc. How Cloud Native Improves & Ensures Security, Governance, and Trust in Finance @ Financial Services Institutions

    Darran Rice & Coté, VMware Tanzu, July 11th, 2023
  2. From monoliths to cloud native apps

    - Monolith: All components in one runtime. All processing takes place in that runtime. No network reliance.
    - N-Tier: Each component in separate runtime. Processing takes place in each runtime. Components communicate over a network.
    - Cloud Native: Each component broken down into services all running in own runtime. Processing takes place in individual runtime. High network dependency for all components to communicate over network.
    - Client Server: Access components run in client runtime. All other app components run in one runtime. Processing takes place in client and in app component runtime. Client to Server communications over network.
  3. To secure cloud native apps, “shift left” security work & verification

    It’s not just dumping responsibility on developers, it’s collaborating on security earlier.
  4. Access Control & Data Handling Policy

    - Templates & Guardrails
    - Continuous Demonstration of Compliance
  5. Continuous Demonstration of Security and Compliance

    Pipeline: CODE, CI, CD (Version Control, Build, Deploy, Operate). Automated container packaging. Compliance and Security. Image Registry.

    - Scan for security and compliance violations: K8s Workload misconfiguration; Image vulnerabilities; Malware and file reputation; Secrets. (Harden/Identify Risk)
    - Continuously scan images. (Harden/Identify Risk)
    - Enforce Security and compliance standards: Image vulnerability by severity; K8s Workload configuration; Image file reputation and secrets. (Harden/Identify Risk)
    - Prevent unauthorized workloads: Prevent Vulnerable images; Enforce Compliance standards; Workload Risk. (Prevent)
    - Enforce workload config to reduce risk: Workload permission and exposure; Resource limits; Workload labels and setup. (Remediate)
  6. Next Steps…

    - Ask how much time you spend demonstrating compliance?
    - Find your unsupported Spring & Java apps
    - Free one hour consultation to bootstrap your cloud native security plan
  7. Make sure you join us for the next instalment of the Financial Sector Webinar Series

    - 28 June: Session 1 – Customer Experience & Innovation. Learn how banks are moving from a project to a product software model to innovate and improve banking services and remain competitive.
    - 4 July: Session 2 – Escaping the Legacy Trap. Learn how banks are modernizing the legacy app portfolios that are holding them back. Attendees will also receive a free copy of Escaping the Legacy Trap that details the process large organizations are using to modernize their legacy application portfolio.
    - 11 July: Session 3 – How Cloud Native Improves & Ensures Security, Governance, and Trust in Finance. Hear how banks are using cloud native tools and practices to ensure security and compliance.