SlideShare ist ein Scribd-Unternehmen logo

Security in the DevOps pipeline of containerized core application: Case Study Finnova

Aarno Aukia
Aarno Aukia

Keynote at the Swiss CISO Summit September 2, 2020, in Zürich Switzerland Christian Reinhard, Leader Application Management, Finnova AG Bankware Aarno Aukia, CTO & Partner, VSHN - The DevOps Company Finnova offers innovative software solutions for the banking sector as a software product and also in the form of a software-as-a-service model. There are strong needs and incentives to assume responsibility for confidentiality, integrity, and availability. Christian and Aarno will present the current state of the Dev(Sec)Ops pipelines of their own products, the application management processes and automation for first- and third-party software and finally the con- tainer platforms and tools used for operational secu- rity engineering. The speakers will provide insights of challenges and experiences.

Software
1 von 23
Downloaden Sie, um offline zu lesen
24.08.2020I Finnova 1 Finnova – Christian Reinhard, Head Application Management VSHN - Aarno Aukia, CTO & Partner CISO SUMMIT ZURICH
INTRODUCTION 1 USER STORY – FROM THE IDEA TO OPENSHIFT PLATFORM 2 SECURITY WITHIN THE PLATFORM 3 4 Agenda CISO Summit 5 DEVOPS (VSHN) KEY TAKEAWAYS
Introduction 24.08.2020 I Finnova3 Digitization within Finnova
Finnova Application Management Seewen more than just Application Management 4 FINNOVA APPLICATION MANAGEMENT SEEWEN FINNOVA SOLUTIONS FINNOVA CONSULTING FINNOVA PRODUKTHAUS
INTRODUCTION 1 USER STORY – FROM THE IDEA TO OPENSHIFT PLATFORM 2 SECURITY WITHIN THE PLATFORM 3Agenda CISO Summit 4 5 DEVOPS (VSHN) KEY TAKEAWAYS
03.08.20207 A solution arises from a customer need together with the customer – Finnova Portal as a Service CMS-Portal TechnologieFinnova Omega Platform Development PartnerFinnova Open Platform Orchestrierung mit Prozessen und FIL-Services Finnova Core Betrieb des CMS-Portals im SaaS-Modell | Workshop Neobank OPERATION AND APPLICATION MANAGEMENT AT FINNOVA AM IN SEEWEN
Finnova Plattform 8 Portal as a Service Portal WAF WAF WAF Core Γ Core Γ Core Γ OMEGA Ω OMEGA Ω OMEGA Ω Finnova Core Suite 3rd Party Portal „Liferay“ – ti&m
INTRODUCTION 1 USER STORY – FROM THE IDEA TO OPENSHIFT PLATFORM 2 SECURITY WITHIN THE PLATFORM 3Agenda CISO Summit 4 5 DEVOPS (VSHN) KEY TAKEAWAYS
24.08.2020 Hier steht der Präsentationstitel I10
12 Deployment Process & Security DEV (Repository) Files (Pods) Docker Images Container (OpenShift) Betrieb AM Seewen (PRD) GitHub Code Image-Scan (Security & Compliance Policies) » Code Analyse » Image Scanning » Container Hardening Runtime » Network Security » Monitoring » Logging & Reporting » Code Security » Access » Security & Auditing SecurityDeployment
24.08.2020 Portal as a Service13 Architecture and Security
INTRODUCTION 1 USER STORY – FROM THE IDEA TO OPENSHIFT PLATFORM 2 SECURITY WITHIN THE PLATFORM 3Agenda CISO Summit KEY TAKEAWAYS 4 5 DEVOPS (VSHN)
VSHN - The DevOps Company Collaboration between Software Development (Dev) and IT-Operations (Ops) ● Automate as much as possible (“Infrastructure as code”) ● use standard services (layers of abstractions with clear API) to abstract complexity ● Cost efficient and lean way of working ● Agility: ability to react to new/changing requirements ● One team with a common goal: ship stable features ● Continuous improvement 1515 DevOps
VSHN - The DevOps Company 1616 DevOps: People, Processes & Tools
VSHN - The DevOps Company DevOps + Security Engineering = DevSecOps 1717
VSHN - The DevOps Company ● “Full Stack Audit” ● Review design document ● Every layer was custom built ○ physical hardware ○ handcrafted servers ○ manual application deployment ● Review each layer ● Review each layer again next year... 1818 Traditional IT governance
VSHN - The DevOps Company ● Standardized components ○ already audited, some even externally certified ○ re-used, economies of scale, CMMI level 5 ○ tech controls (AAI, RBAC, logs/SIEM) implemented once ○ financial controls implemented once ● Infrastructure: private/public cloud, onprem ● Ops: Container orchestration platform ● Review design document & platform configuration 1919 Cloud native IT governance
VSHN - The DevOps Company ● prevent configuration drift ○ immutable (application) infrastructure using containers ○ deploy dev/test/stage/prod envs from CI/CD ● prevent manual errors ○ validate configuration in CI/CD before deployment ○ standardization on (minimal, hardened) OS and container orchestrator ○ deployment automation removes need for (most) root prod access ● security by default ○ image scanning, dependency vulnerability management ○ process/storage/network separation of applications/environments ○ volumes & ingresspoints best practice (documentation, monitoring, backup, SSL/TLS/WAF) ○ AAI for admin & application, audit trail logging of CI/CD, control & application planes ○ key & secrets management ● 2020 IT governance controls in container platforms
VSHN - The DevOps Company ● compute resources billable by project ● self-service-onboarding possible ● autoscaling, scale-down dev envs outside office hours ● vendor procurement/due diligence/certification management ● SLA, 24x7, service process, escalation management clearly defined 2121 IT governance financial/compliance controlling
INTRODUCTION 1 USER STORY – FROM THE IDEA TO OPENSHIFT PLATFORM 2 SECURITY WITHIN THE PLATFORM 3Agenda CISO Summit KEY TAKEAWAYS 4 5 DEV OPS (VSHN)
VSHN - The DevOps Company ● Modularization ○ Modular digitalization platform enabling multi-tenancy and development autonomy ○ clearly defined layers for API and operations for alignment ● Collaboration ○ BPF orchestration engine to provide end-to-end process for Dev & Ops (Application Management) at Finnova ○ clearly defined layers for operations and specialization 2323 Key takeaways
VSHN - The DevOps Company @aarnoaukia http://about.me/aarno a@vshn.ch ETH → Google → Atrila → VSHN VSHN - The DevOps Company Since 2014, currently 45 VSHNeers in Zürich, Switzerland Helping Developers run applications on any infrastructure making both visitors happy with stability and developers happy with agility 2424 About Aarno & VSHN.ch
Come visit us for a coffee! VSHN AG - Neugasse 10 - CH-8005 Zürich - +41 44 545 53 00 - https://vshn.ch/ - info@vshn.ch https://vshn.ch/kontakt/ Follow us on Twitter! @vshn_ch 25

Empfohlen

Next gen software operations models in the cloud
Next gen software operations models in the cloudNext gen software operations models in the cloud
Next gen software operations models in the cloudAarno Aukia
 
[WSO2Con USA 2018] Architecting for Container-native Environments
[WSO2Con USA 2018] Architecting for Container-native Environments[WSO2Con USA 2018] Architecting for Container-native Environments
[WSO2Con USA 2018] Architecting for Container-native EnvironmentsWSO2
 
[WSO2Con EU 2018] OpenAPI Specification 3 - The Evolution of Swagger
[WSO2Con EU 2018] OpenAPI Specification 3 - The Evolution of Swagger[WSO2Con EU 2018] OpenAPI Specification 3 - The Evolution of Swagger
[WSO2Con EU 2018] OpenAPI Specification 3 - The Evolution of SwaggerWSO2
 
„GitOps with Flux and Flagger“
„GitOps with Flux and Flagger“„GitOps with Flux and Flagger“
„GitOps with Flux and Flagger“ConSol Consulting & Solutions Software GmbH
 
Modern Post-Exploitation Strategies - 44CON 2012
Modern Post-Exploitation Strategies - 44CON 2012Modern Post-Exploitation Strategies - 44CON 2012
Modern Post-Exploitation Strategies - 44CON 201244CON
 
[WSO2Con EU 2018] Architecting for a Container Native Environment
[WSO2Con EU 2018] Architecting for a Container Native Environment[WSO2Con EU 2018] Architecting for a Container Native Environment
[WSO2Con EU 2018] Architecting for a Container Native EnvironmentWSO2
 
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXStrengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXNGINX, Inc.
 
Process Automation: an Update from the Trenches
Process Automation: an Update from the TrenchesProcess Automation: an Update from the Trenches
Process Automation: an Update from the TrenchesKris Verlaenen
 

Empfohlen

Next gen software operations models in the cloud
Next gen software operations models in the cloudNext gen software operations models in the cloud
Next gen software operations models in the cloudAarno Aukia
 
[WSO2Con USA 2018] Architecting for Container-native Environments
[WSO2Con USA 2018] Architecting for Container-native Environments[WSO2Con USA 2018] Architecting for Container-native Environments
[WSO2Con USA 2018] Architecting for Container-native EnvironmentsWSO2
 
[WSO2Con EU 2018] OpenAPI Specification 3 - The Evolution of Swagger
[WSO2Con EU 2018] OpenAPI Specification 3 - The Evolution of Swagger[WSO2Con EU 2018] OpenAPI Specification 3 - The Evolution of Swagger
[WSO2Con EU 2018] OpenAPI Specification 3 - The Evolution of SwaggerWSO2
 
„GitOps with Flux and Flagger“
„GitOps with Flux and Flagger“„GitOps with Flux and Flagger“
„GitOps with Flux and Flagger“ConSol Consulting & Solutions Software GmbH
 
Modern Post-Exploitation Strategies - 44CON 2012
Modern Post-Exploitation Strategies - 44CON 2012Modern Post-Exploitation Strategies - 44CON 2012
Modern Post-Exploitation Strategies - 44CON 201244CON
 
[WSO2Con EU 2018] Architecting for a Container Native Environment
[WSO2Con EU 2018] Architecting for a Container Native Environment[WSO2Con EU 2018] Architecting for a Container Native Environment
[WSO2Con EU 2018] Architecting for a Container Native EnvironmentWSO2
 
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXStrengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXNGINX, Inc.
 
Process Automation: an Update from the Trenches
Process Automation: an Update from the TrenchesProcess Automation: an Update from the Trenches
Process Automation: an Update from the TrenchesKris Verlaenen
 
Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour...
Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour... Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour...
Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour...VMware Tanzu
 
Exposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsExposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsWSO2
 
Case management applications with BPM
Case management applications with BPMCase management applications with BPM
Case management applications with BPMKris Verlaenen
 
What Makes up a Modern Application Platform?
What Makes up a Modern Application Platform?What Makes up a Modern Application Platform?
What Makes up a Modern Application Platform?All Things Open
 
CNCF Singapore - Introduction to Envoy
CNCF Singapore - Introduction to EnvoyCNCF Singapore - Introduction to Envoy
CNCF Singapore - Introduction to EnvoyHarish
 
Avoid SPOF in Cloud-native Apps
Avoid SPOF in Cloud-native AppsAvoid SPOF in Cloud-native Apps
Avoid SPOF in Cloud-native AppsThang Chung
 
Building successful business Java apps: How to deliver more, code less, and c...
Building successful business Java apps: How to deliver more, code less, and c...Building successful business Java apps: How to deliver more, code less, and c...
Building successful business Java apps: How to deliver more, code less, and c...Red Hat Developers
 
GitLab's Acquisition Strategy & Approach
GitLab's Acquisition Strategy & ApproachGitLab's Acquisition Strategy & Approach
GitLab's Acquisition Strategy & ApproachEliran Mesika
 
Xpdays: Kubernetes CI-CD Frameworks Case Study
Xpdays: Kubernetes CI-CD Frameworks Case StudyXpdays: Kubernetes CI-CD Frameworks Case Study
Xpdays: Kubernetes CI-CD Frameworks Case StudyDenys Vasyliev
 
Meetup talk Red Hat OpenShift service mesh
Meetup talk Red Hat OpenShift service meshMeetup talk Red Hat OpenShift service mesh
Meetup talk Red Hat OpenShift service meshConSol Consulting & Solutions Software GmbH
 
Bring Service Mesh To Cloud Native-apps
Bring Service Mesh To Cloud Native-appsBring Service Mesh To Cloud Native-apps
Bring Service Mesh To Cloud Native-appsThang Chung
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
The what, why and how of knative
The what, why and how of knativeThe what, why and how of knative
The what, why and how of knativeMofizur Rahman
 
GitLab Product Roadmap and Approach
GitLab Product Roadmap and ApproachGitLab Product Roadmap and Approach
GitLab Product Roadmap and ApproachEliran Mesika
 
API design-first and Microservices
API design-first and MicroservicesAPI design-first and Microservices
API design-first and MicroservicesSven Bernhardt
 
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...NGINX, Inc.
 
Accelerate Your Development: CI/CD using AWS and Serverless
Accelerate Your Development: CI/CD using AWS and ServerlessAccelerate Your Development: CI/CD using AWS and Serverless
Accelerate Your Development: CI/CD using AWS and ServerlessAaronLieberman5
 
DevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furious
DevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furiousDevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furious
DevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furiousDevOps_Fest
 
MuleSoft Meetup Roma - Processi di Automazione su CloudHub
MuleSoft Meetup Roma - Processi di Automazione su CloudHubMuleSoft Meetup Roma - Processi di Automazione su CloudHub
MuleSoft Meetup Roma - Processi di Automazione su CloudHubAlfonso Martino
 
Microservice API Gateways with NGINX
Microservice API Gateways with NGINXMicroservice API Gateways with NGINX
Microservice API Gateways with NGINXGeoffrey Filippi
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
 
DevSecOps - Security in DevOps
DevSecOps - Security in DevOpsDevSecOps - Security in DevOps
DevSecOps - Security in DevOpsAarno Aukia
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour...
Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour... Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour...
Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour...VMware Tanzu
 
Exposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsExposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsWSO2
 
Case management applications with BPM
Case management applications with BPMCase management applications with BPM
Case management applications with BPMKris Verlaenen
 
What Makes up a Modern Application Platform?
What Makes up a Modern Application Platform?What Makes up a Modern Application Platform?
What Makes up a Modern Application Platform?All Things Open
 
CNCF Singapore - Introduction to Envoy
CNCF Singapore - Introduction to EnvoyCNCF Singapore - Introduction to Envoy
CNCF Singapore - Introduction to EnvoyHarish
 
Avoid SPOF in Cloud-native Apps
Avoid SPOF in Cloud-native AppsAvoid SPOF in Cloud-native Apps
Avoid SPOF in Cloud-native AppsThang Chung
 
Building successful business Java apps: How to deliver more, code less, and c...
Building successful business Java apps: How to deliver more, code less, and c...Building successful business Java apps: How to deliver more, code less, and c...
Building successful business Java apps: How to deliver more, code less, and c...Red Hat Developers
 
GitLab's Acquisition Strategy & Approach
GitLab's Acquisition Strategy & ApproachGitLab's Acquisition Strategy & Approach
GitLab's Acquisition Strategy & ApproachEliran Mesika
 
Xpdays: Kubernetes CI-CD Frameworks Case Study
Xpdays: Kubernetes CI-CD Frameworks Case StudyXpdays: Kubernetes CI-CD Frameworks Case Study
Xpdays: Kubernetes CI-CD Frameworks Case StudyDenys Vasyliev
 
Bring Service Mesh To Cloud Native-apps
Bring Service Mesh To Cloud Native-appsBring Service Mesh To Cloud Native-apps
Bring Service Mesh To Cloud Native-appsThang Chung
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
The what, why and how of knative
The what, why and how of knativeThe what, why and how of knative
The what, why and how of knativeMofizur Rahman
 
GitLab Product Roadmap and Approach
GitLab Product Roadmap and ApproachGitLab Product Roadmap and Approach
GitLab Product Roadmap and ApproachEliran Mesika
 
API design-first and Microservices
API design-first and MicroservicesAPI design-first and Microservices
API design-first and MicroservicesSven Bernhardt
 
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...NGINX, Inc.
 
Accelerate Your Development: CI/CD using AWS and Serverless
Accelerate Your Development: CI/CD using AWS and ServerlessAccelerate Your Development: CI/CD using AWS and Serverless
Accelerate Your Development: CI/CD using AWS and ServerlessAaronLieberman5
 
DevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furious
DevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furiousDevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furious
DevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furiousDevOps_Fest
 
MuleSoft Meetup Roma - Processi di Automazione su CloudHub
MuleSoft Meetup Roma - Processi di Automazione su CloudHubMuleSoft Meetup Roma - Processi di Automazione su CloudHub
MuleSoft Meetup Roma - Processi di Automazione su CloudHubAlfonso Martino
 
Microservice API Gateways with NGINX
Microservice API Gateways with NGINXMicroservice API Gateways with NGINX
Microservice API Gateways with NGINXGeoffrey Filippi
 

Was ist angesagt? (20)

Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour...
Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour... Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour...
Cas d'usage ProtoStellar Cloud replatforming de l'application 1Logistic pour...
 
Exposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsExposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIs
 
Case management applications with BPM
Case management applications with BPMCase management applications with BPM
Case management applications with BPM
 
What Makes up a Modern Application Platform?
What Makes up a Modern Application Platform?What Makes up a Modern Application Platform?
What Makes up a Modern Application Platform?
 
CNCF Singapore - Introduction to Envoy
CNCF Singapore - Introduction to EnvoyCNCF Singapore - Introduction to Envoy
CNCF Singapore - Introduction to Envoy
 
Avoid SPOF in Cloud-native Apps
Avoid SPOF in Cloud-native AppsAvoid SPOF in Cloud-native Apps
Avoid SPOF in Cloud-native Apps
 
Building successful business Java apps: How to deliver more, code less, and c...
Building successful business Java apps: How to deliver more, code less, and c...Building successful business Java apps: How to deliver more, code less, and c...
Building successful business Java apps: How to deliver more, code less, and c...
 
GitLab's Acquisition Strategy & Approach
GitLab's Acquisition Strategy & ApproachGitLab's Acquisition Strategy & Approach
GitLab's Acquisition Strategy & Approach
 
Xpdays: Kubernetes CI-CD Frameworks Case Study
Xpdays: Kubernetes CI-CD Frameworks Case StudyXpdays: Kubernetes CI-CD Frameworks Case Study
Xpdays: Kubernetes CI-CD Frameworks Case Study
 
Meetup talk Red Hat OpenShift service mesh
Meetup talk Red Hat OpenShift service meshMeetup talk Red Hat OpenShift service mesh
Meetup talk Red Hat OpenShift service mesh
 
Bring Service Mesh To Cloud Native-apps
Bring Service Mesh To Cloud Native-appsBring Service Mesh To Cloud Native-apps
Bring Service Mesh To Cloud Native-apps
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
 
The what, why and how of knative
The what, why and how of knativeThe what, why and how of knative
The what, why and how of knative
 
GitLab Product Roadmap and Approach
GitLab Product Roadmap and ApproachGitLab Product Roadmap and Approach
GitLab Product Roadmap and Approach
 
API design-first and Microservices
API design-first and MicroservicesAPI design-first and Microservices
API design-first and Microservices
 
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
 
Accelerate Your Development: CI/CD using AWS and Serverless
Accelerate Your Development: CI/CD using AWS and ServerlessAccelerate Your Development: CI/CD using AWS and Serverless
Accelerate Your Development: CI/CD using AWS and Serverless
 
DevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furious
DevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furiousDevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furious
DevOps Fest 2019. Дмитрий Лагоза. CD for StartUp, cheap and furious
 
MuleSoft Meetup Roma - Processi di Automazione su CloudHub
MuleSoft Meetup Roma - Processi di Automazione su CloudHubMuleSoft Meetup Roma - Processi di Automazione su CloudHub
MuleSoft Meetup Roma - Processi di Automazione su CloudHub
 
Microservice API Gateways with NGINX
Microservice API Gateways with NGINXMicroservice API Gateways with NGINX
Microservice API Gateways with NGINX
 

Ähnlich wie Security in the DevOps pipeline of containerized core application: Case Study Finnova

DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
 
DevSecOps - Security in DevOps
DevSecOps - Security in DevOpsDevSecOps - Security in DevOps
DevSecOps - Security in DevOpsAarno Aukia
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
 
IT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShiftIT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShiftAarno Aukia
 
Wie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der CloudWie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der CloudAarno Aukia
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingAarno Aukia
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
Automate your NGINX Environment with the Ansible Collection for NGINX Controller
Automate your NGINX Environment with the Ansible Collection for NGINX ControllerAutomate your NGINX Environment with the Ansible Collection for NGINX Controller
Automate your NGINX Environment with the Ansible Collection for NGINX ControllerNGINX, Inc.
 
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...Trivadis
 
NFVO based on ManageIQ - OPNFV Summit 2016 Demo
NFVO based on ManageIQ - OPNFV Summit 2016 DemoNFVO based on ManageIQ - OPNFV Summit 2016 Demo
NFVO based on ManageIQ - OPNFV Summit 2016 DemoManageIQ
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Onboarding process made agile with confluent and flowabl
Onboarding process made agile with confluent and flowablOnboarding process made agile with confluent and flowabl
Onboarding process made agile with confluent and flowablmimacom
 
Infrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsInfrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsXebiaLabs
 
Manchester MuleSoft Meetup #8 - 28 Sept.pptx
Manchester MuleSoft Meetup #8 - 28 Sept.pptxManchester MuleSoft Meetup #8 - 28 Sept.pptx
Manchester MuleSoft Meetup #8 - 28 Sept.pptxAkshata Sawant
 
MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021Ieva Navickaite
 
DevOps Digital Transformation: A real life use case enabled by Alien4Cloud
DevOps Digital Transformation: A real life use case enabled by Alien4CloudDevOps Digital Transformation: A real life use case enabled by Alien4Cloud
DevOps Digital Transformation: A real life use case enabled by Alien4CloudCloudify Community
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCISven Bernhardt
 
Nagios Consulting Implementation and Maintenance
Nagios Consulting Implementation and MaintenanceNagios Consulting Implementation and Maintenance
Nagios Consulting Implementation and MaintenanceRazak Mohammed Ali
 
cFactory v4 Launch Workshop for Partners
cFactory v4 Launch Workshop for PartnerscFactory v4 Launch Workshop for Partners
cFactory v4 Launch Workshop for PartnersHenk Uyttenhove
 

Ähnlich wie Security in the DevOps pipeline of containerized core application: Case Study Finnova (20)

DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipeline
 
DevSecOps - Security in DevOps
DevSecOps - Security in DevOpsDevSecOps - Security in DevOps
DevSecOps - Security in DevOps
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipeline
 
DevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipelineDevSecOps: Bringing security to the DevOps pipeline
DevSecOps: Bringing security to the DevOps pipeline
 
IT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShiftIT Governance and Security Architecture in Docker, Kubernetes, OpenShift
IT Governance and Security Architecture in Docker, Kubernetes, OpenShift
 
Wie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der CloudWie macht man aus Software einen Online-Service in der Cloud
Wie macht man aus Software einen Online-Service in der Cloud
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss Banking
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
Automate your NGINX Environment with the Ansible Collection for NGINX Controller
Automate your NGINX Environment with the Ansible Collection for NGINX ControllerAutomate your NGINX Environment with the Ansible Collection for NGINX Controller
Automate your NGINX Environment with the Ansible Collection for NGINX Controller
 
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
Azure Days 2019: Get Connected with Azure API Management (Gerry Keune & Stefa...
 
NFVO based on ManageIQ - OPNFV Summit 2016 Demo
NFVO based on ManageIQ - OPNFV Summit 2016 DemoNFVO based on ManageIQ - OPNFV Summit 2016 Demo
NFVO based on ManageIQ - OPNFV Summit 2016 Demo
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Onboarding process made agile with confluent and flowabl
Onboarding process made agile with confluent and flowablOnboarding process made agile with confluent and flowabl
Onboarding process made agile with confluent and flowabl
 
Infrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsInfrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale Organizations
 
Manchester MuleSoft Meetup #8 - 28 Sept.pptx
Manchester MuleSoft Meetup #8 - 28 Sept.pptxManchester MuleSoft Meetup #8 - 28 Sept.pptx
Manchester MuleSoft Meetup #8 - 28 Sept.pptx
 
MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021
 
DevOps Digital Transformation: A real life use case enabled by Alien4Cloud
DevOps Digital Transformation: A real life use case enabled by Alien4CloudDevOps Digital Transformation: A real life use case enabled by Alien4Cloud
DevOps Digital Transformation: A real life use case enabled by Alien4Cloud
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCI
 
Nagios Consulting Implementation and Maintenance
Nagios Consulting Implementation and MaintenanceNagios Consulting Implementation and Maintenance
Nagios Consulting Implementation and Maintenance
 
cFactory v4 Launch Workshop for Partners
cFactory v4 Launch Workshop for PartnerscFactory v4 Launch Workshop for Partners
cFactory v4 Launch Workshop for Partners
 

Mehr von Aarno Aukia

The printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN HandbookThe printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN HandbookAarno Aukia
 
Applikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die CloudApplikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die CloudAarno Aukia
 
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...Aarno Aukia
 
Kubecon 2019 Recap
Kubecon 2019 RecapKubecon 2019 Recap
Kubecon 2019 RecapAarno Aukia
 
My broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platformsMy broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platformsAarno Aukia
 
Automated Server Administration for DevSecOps
Automated Server Administration for DevSecOpsAutomated Server Administration for DevSecOps
Automated Server Administration for DevSecOpsAarno Aukia
 
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?Aarno Aukia
 
Continuous security improvements in the DevOps process
Continuous security improvements in the DevOps processContinuous security improvements in the DevOps process
Continuous security improvements in the DevOps processAarno Aukia
 
Application Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, KubernetesApplication Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, KubernetesAarno Aukia
 
Moving Applications to the cloud
Moving Applications to the cloudMoving Applications to the cloud
Moving Applications to the cloudAarno Aukia
 
Migration von Applikationen in die Cloud
Migration von Applikationen in die CloudMigration von Applikationen in die Cloud
Migration von Applikationen in die CloudAarno Aukia
 
IPv6 on Container Plattforms
IPv6 on Container PlattformsIPv6 on Container Plattforms
IPv6 on Container PlattformsAarno Aukia
 
Cloud Native Computing & DevOps
Cloud Native Computing & DevOpsCloud Native Computing & DevOps
Cloud Native Computing & DevOpsAarno Aukia
 
Cloud Native Computing
Cloud Native ComputingCloud Native Computing
Cloud Native ComputingAarno Aukia
 
Cloud Native Computing Meetup Zürich Jan 11 2018
Cloud Native Computing Meetup Zürich Jan 11 2018Cloud Native Computing Meetup Zürich Jan 11 2018
Cloud Native Computing Meetup Zürich Jan 11 2018Aarno Aukia
 
Wie nutzen wir Cloud-Infrastruktur @ VSHN.ch
Wie nutzen wir Cloud-Infrastruktur @ VSHN.chWie nutzen wir Cloud-Infrastruktur @ VSHN.ch
Wie nutzen wir Cloud-Infrastruktur @ VSHN.chAarno Aukia
 
Scalable Web Applications with 100% open source
Scalable Web Applications with 100% open sourceScalable Web Applications with 100% open source
Scalable Web Applications with 100% open sourceAarno Aukia
 
Cloud Native Computing Meetup Zürich
Cloud Native Computing Meetup ZürichCloud Native Computing Meetup Zürich
Cloud Native Computing Meetup ZürichAarno Aukia
 
DevOps for E-Commerce
DevOps for E-CommerceDevOps for E-Commerce
DevOps for E-CommerceAarno Aukia
 

Mehr von Aarno Aukia (20)

The printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN HandbookThe printing press of 2021 - using GitLab to publish the VSHN Handbook
The printing press of 2021 - using GitLab to publish the VSHN Handbook
 
Applikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die CloudApplikationsmodernisierung: Der Weg von Legacy in die Cloud
Applikationsmodernisierung: Der Weg von Legacy in die Cloud
 
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...
 
Kubecon 2019 Recap
Kubecon 2019 RecapKubecon 2019 Recap
Kubecon 2019 Recap
 
My broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platformsMy broken container is gone - how to debug containers on container platforms
My broken container is gone - how to debug containers on container platforms
 
Automated Server Administration for DevSecOps
Automated Server Administration for DevSecOpsAutomated Server Administration for DevSecOps
Automated Server Administration for DevSecOps
 
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
Wir arbeiten in der Cloud – eine Herausforderung für das IT Management?
 
Continuous security improvements in the DevOps process
Continuous security improvements in the DevOps processContinuous security improvements in the DevOps process
Continuous security improvements in the DevOps process
 
Application Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, KubernetesApplication Portability using Cloud Native Technology: Docker, Kubernetes
Application Portability using Cloud Native Technology: Docker, Kubernetes
 
Moving Applications to the cloud
Moving Applications to the cloudMoving Applications to the cloud
Moving Applications to the cloud
 
Migration von Applikationen in die Cloud
Migration von Applikationen in die CloudMigration von Applikationen in die Cloud
Migration von Applikationen in die Cloud
 
IPv6 on Container Plattforms
IPv6 on Container PlattformsIPv6 on Container Plattforms
IPv6 on Container Plattforms
 
Cloud Native Computing & DevOps
Cloud Native Computing & DevOpsCloud Native Computing & DevOps
Cloud Native Computing & DevOps
 
Cloud Native Computing
Cloud Native ComputingCloud Native Computing
Cloud Native Computing
 
Cloud Native Computing Meetup Zürich Jan 11 2018
Cloud Native Computing Meetup Zürich Jan 11 2018Cloud Native Computing Meetup Zürich Jan 11 2018
Cloud Native Computing Meetup Zürich Jan 11 2018
 
Wie nutzen wir Cloud-Infrastruktur @ VSHN.ch
Wie nutzen wir Cloud-Infrastruktur @ VSHN.chWie nutzen wir Cloud-Infrastruktur @ VSHN.ch
Wie nutzen wir Cloud-Infrastruktur @ VSHN.ch
 
Scalable Web Applications with 100% open source
Scalable Web Applications with 100% open sourceScalable Web Applications with 100% open source
Scalable Web Applications with 100% open source
 
SecDevOps 2017
SecDevOps 2017SecDevOps 2017
SecDevOps 2017
 
Cloud Native Computing Meetup Zürich
Cloud Native Computing Meetup ZürichCloud Native Computing Meetup Zürich
Cloud Native Computing Meetup Zürich
 
DevOps for E-Commerce
DevOps for E-CommerceDevOps for E-Commerce
DevOps for E-Commerce
 

Kürzlich hochgeladen

Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2
 
tonesoftg
tonesoftgtonesoftg
tonesoftglanshi9
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdfPearlKirahMaeRagusta1
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastPapp Krisztián
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...Jittipong Loespradit
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park masabamasaba
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Hararemasabamasaba
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnAmarnathKambale
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in sowetomasabamasaba
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...masabamasaba
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentVictorSzoltysek
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisamasabamasaba
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrandmasabamasaba
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...SelfMade bd
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfonteinmasabamasaba
 

Kürzlich hochgeladen (20)

Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 

Security in the DevOps pipeline of containerized core application: Case Study Finnova

  • 1. 24.08.2020I Finnova 1 Finnova – Christian Reinhard, Head Application Management VSHN - Aarno Aukia, CTO & Partner CISO SUMMIT ZURICH
  • 2. INTRODUCTION 1 USER STORY – FROM THE IDEA TO OPENSHIFT PLATFORM 2 SECURITY WITHIN THE PLATFORM 3 4 Agenda CISO Summit 5 DEVOPS (VSHN) KEY TAKEAWAYS
  • 4. Finnova Application Management Seewen more than just Application Management 4 FINNOVA APPLICATION MANAGEMENT SEEWEN FINNOVA SOLUTIONS FINNOVA CONSULTING FINNOVA PRODUKTHAUS
  • 5. INTRODUCTION 1 USER STORY – FROM THE IDEA TO OPENSHIFT PLATFORM 2 SECURITY WITHIN THE PLATFORM 3Agenda CISO Summit 4 5 DEVOPS (VSHN) KEY TAKEAWAYS
  • 6. 03.08.20207 A solution arises from a customer need together with the customer – Finnova Portal as a Service CMS-Portal TechnologieFinnova Omega Platform Development PartnerFinnova Open Platform Orchestrierung mit Prozessen und FIL-Services Finnova Core Betrieb des CMS-Portals im SaaS-Modell | Workshop Neobank OPERATION AND APPLICATION MANAGEMENT AT FINNOVA AM IN SEEWEN
  • 7. Finnova Plattform 8 Portal as a Service Portal WAF WAF WAF Core Γ Core Γ Core Γ OMEGA Ω OMEGA Ω OMEGA Ω Finnova Core Suite 3rd Party Portal „Liferay“ – ti&m
  • 8. INTRODUCTION 1 USER STORY – FROM THE IDEA TO OPENSHIFT PLATFORM 2 SECURITY WITHIN THE PLATFORM 3Agenda CISO Summit 4 5 DEVOPS (VSHN) KEY TAKEAWAYS
  • 9. 24.08.2020 Hier steht der Präsentationstitel I10
  • 10. 12 Deployment Process & Security DEV (Repository) Files (Pods) Docker Images Container (OpenShift) Betrieb AM Seewen (PRD) GitHub Code Image-Scan (Security & Compliance Policies) » Code Analyse » Image Scanning » Container Hardening Runtime » Network Security » Monitoring » Logging & Reporting » Code Security » Access » Security & Auditing SecurityDeployment
  • 11. 24.08.2020 Portal as a Service13 Architecture and Security
  • 12. INTRODUCTION 1 USER STORY – FROM THE IDEA TO OPENSHIFT PLATFORM 2 SECURITY WITHIN THE PLATFORM 3Agenda CISO Summit KEY TAKEAWAYS 4 5 DEVOPS (VSHN)
  • 13. VSHN - The DevOps Company Collaboration between Software Development (Dev) and IT-Operations (Ops) ● Automate as much as possible (“Infrastructure as code”) ● use standard services (layers of abstractions with clear API) to abstract complexity ● Cost efficient and lean way of working ● Agility: ability to react to new/changing requirements ● One team with a common goal: ship stable features ● Continuous improvement 1515 DevOps
  • 14. VSHN - The DevOps Company 1616 DevOps: People, Processes & Tools
  • 15. VSHN - The DevOps Company DevOps + Security Engineering = DevSecOps 1717
  • 16. VSHN - The DevOps Company ● “Full Stack Audit” ● Review design document ● Every layer was custom built ○ physical hardware ○ handcrafted servers ○ manual application deployment ● Review each layer ● Review each layer again next year... 1818 Traditional IT governance
  • 17. VSHN - The DevOps Company ● Standardized components ○ already audited, some even externally certified ○ re-used, economies of scale, CMMI level 5 ○ tech controls (AAI, RBAC, logs/SIEM) implemented once ○ financial controls implemented once ● Infrastructure: private/public cloud, onprem ● Ops: Container orchestration platform ● Review design document & platform configuration 1919 Cloud native IT governance
  • 18. VSHN - The DevOps Company ● prevent configuration drift ○ immutable (application) infrastructure using containers ○ deploy dev/test/stage/prod envs from CI/CD ● prevent manual errors ○ validate configuration in CI/CD before deployment ○ standardization on (minimal, hardened) OS and container orchestrator ○ deployment automation removes need for (most) root prod access ● security by default ○ image scanning, dependency vulnerability management ○ process/storage/network separation of applications/environments ○ volumes & ingresspoints best practice (documentation, monitoring, backup, SSL/TLS/WAF) ○ AAI for admin & application, audit trail logging of CI/CD, control & application planes ○ key & secrets management ● 2020 IT governance controls in container platforms
  • 19. VSHN - The DevOps Company ● compute resources billable by project ● self-service-onboarding possible ● autoscaling, scale-down dev envs outside office hours ● vendor procurement/due diligence/certification management ● SLA, 24x7, service process, escalation management clearly defined 2121 IT governance financial/compliance controlling
  • 20. INTRODUCTION 1 USER STORY – FROM THE IDEA TO OPENSHIFT PLATFORM 2 SECURITY WITHIN THE PLATFORM 3Agenda CISO Summit KEY TAKEAWAYS 4 5 DEV OPS (VSHN)
  • 21. VSHN - The DevOps Company ● Modularization ○ Modular digitalization platform enabling multi-tenancy and development autonomy ○ clearly defined layers for API and operations for alignment ● Collaboration ○ BPF orchestration engine to provide end-to-end process for Dev & Ops (Application Management) at Finnova ○ clearly defined layers for operations and specialization 2323 Key takeaways
  • 22. VSHN - The DevOps Company @aarnoaukia http://about.me/aarno a@vshn.ch ETH → Google → Atrila → VSHN VSHN - The DevOps Company Since 2014, currently 45 VSHNeers in Zürich, Switzerland Helping Developers run applications on any infrastructure making both visitors happy with stability and developers happy with agility 2424 About Aarno & VSHN.ch
  • 23. Come visit us for a coffee! VSHN AG - Neugasse 10 - CH-8005 Zürich - +41 44 545 53 00 - https://vshn.ch/ - info@vshn.ch https://vshn.ch/kontakt/ Follow us on Twitter! @vshn_ch 25