x15 is an umbrella organisation for a group of innovative financial technology companies owned by one of Australia’s big 4 banks. Its remit is to build next generation financial technology products that can connect to the bank’s customer base and systems, while working in a true startup technology environment.

Over the last 18 months we have developed both DevSecOps and SecOps capabilities that span all the ventures within the x15 umbrella. These ventures operate on different cloud platforms, different technology stacks, and in different regulatory environments. Leveraging modern cloud technology, we now have DevSecOps and SecOps capabilities that rival those of any mature financial institution, and are compliant in often highly regulated environments.

This talk will walk through how we have achieved this by:

• Operating a very small but technically adept and focused team
• Leveraging cloud only technology, with zero on premises
• Using no expensive products from big security vendors
• Contributing our innovation back to the community
• Focusing on filtering signal from noise, and identifying genuine security threats, not playing triage whack-a-mole

Attendees will walk away with a blueprint for how scalable, cost effective DevSecOps and SecOps capabilities can be built, in a way that allows you to operate in regulated financial services environments.