Join us on Thursday, Dec 3 at 9 am EST
ABOUT FINCONDX VIRTUAL SUMMIT
FinConDX is a virtual conference focused on the DevOps, DevSecOps and Digital Transformation practices and tools you need to thrive in the fintech industry. The conference will bring together financial services and tech leaders to cover a wide range of topics, including development, operations, product, architecture and leadership through a series of expert-lead sessions, panels and keynotes. Breakout sessions and panel discussions will fall under following topics:
- leading digital transformation,
- emerging technology,
- security and audit,
- modernization tools,
- and more.
All the C levels and their organizations will be the enablers of rapid change in the financial sector, balancing necessary controls and risk management with modernization techniques. Industry experts will discuss the innovative approaches to the financial sectors rapid digital transformation, exploring leading edge technology and the methodology in the wake of COVID-19.
You can win an Oura Health-Tracking Device!
Register and attend our event to be entered in our giveaway automatically!
Past, Present & Future: Continuous Delivery’s Role in the Financial Services Industry
What role does continuous delivery play in the financial services sector, and how is this role evolving in the wake of COVID? Tune into this panel discussion moderated by MediaOps Chief Content Officer Charlene O’Hanlon and featuring Tracy Ragan, CEO of DeployHub + CDF Board Member, Dan Garfield, Chief Technology Evangelist at Codefresh and Brian Dawson, Director and DevOps Evangelist at CloudBees.
This panel will cover topics such as:
- The impact of COVID-19 on application development and delivery
- How cloud-native technologies (Kubernetes) have transformed continuous delivery
- How next-gen CD is helping shape the fintech world
Patterns and Antipatterns for Delivering Better Value Sooner Safer Happier
In this talk, Jon will share lessons learnt the hard way in supporting organisations to deliver Better Value Sooner Safer Happier. This is based on learnings from previously leading Ways of Working across a 330 year-old, global, Financial Services organisation with 80,000 people in multiple business lines, and now working with a range of organisations, across industry sectors on the topic of Business Agility. There are approaches that give you a headwind, making a hard job harder and there are approaches which give you a tailwind, making a hard job ever so slightly less hard!
DevOps Automated Governance
This presentation is intended to guide organizations on implementing an automated process for tracking governance throughout the deployment pipeline; by providing a reference architecture to help guide organizations on how to design and implement automated governance throughout the delivery pipeline. A sample use case is also provided to further enforce these best practices. Ultimately, a DevOps automated governance process can give organizations the assurance that the delivery of their software and services are trusted.
Shifting Security Left. No, further left!
Rapid iterations of DevOps, along with a host of new tools, can make an application security program seem like a square peg in a round hole as enterprises try to push Sec into the middle of DevOps. At the same time, modern applications rely on a more dynamic environment that can introduce new security challenges, particularly as they scale.
In this session, we will explore:
- Best practices for making security and compliance ubiquitous, to reduce risk and cost.
- Security challenges of a changing software development lifecycle and of next-gen software.
- Automating and monitoring secure development practices.
After attending, you will be prepared to identify gaps in your security program with pragmatic advice for how to reduce your risks.
Friends or Enemies? DevOps & GRC
To stay compliant and secure, you need to go faster. You may be wondering — how is that possible? Governance, Risk and Security are generally bottlenecks for most of the Banks/Financial Institutions undergoing DevOps transformations. As we step into the eleventh year of the term “DevOps," it is now mainstream in most organizations. It makes its way into the Strategy & Board meetings, CIO presentations, press releases and success parties.
As most organizations are just scratching the surface, there is a lot to take on when it comes to DevOps Transformation. The traditional Command & Control Governance model, afterthought Security discussion with your InfoSec big brothers, answering endless questions with your Risk line and auditors — How to fit in with our transformation?
BMK inspires you to have courageous conversations with your Governance, Compliance, Risk & Security folks and establishes the understanding that it is a two-way road in which all of the parties must explore, learn, adapt and practice.
His talk will cover and help you to explore:
- From Centralized Committee Governance — Decentralized Automated Governance
- From Compliance tick-box exercise to Compliance as Code
- From faking the security audit to baking them into delivery pipelines
- From “No” to tedious audits to “Yes” to automated evidence/digital attestations
Application Security: Bridging the Gap between DevOps and Security Teams
This talk will cover:
- Cultural divide between DevOps and security teams
- Federated responsibility model for AppSec
- The challenges of implementing this model in real life
- Quick look at how ZeroNorth’s platform can enable organizations to start to address these challenges
How to Implement a Secure GitOps Workflow
Tired of slides? Watch this hands-on demo with Viktor Farcic to see how to create a full lifecycle of applications in production using the GitOps. See how a GitOps workflow is ideal for high-security environments and establish auditing trails and how it might change the way we define application lifecycle pipelines.
Digital Transformation in the Finance Sector for Innovation With Integrity
IBM Z has remained the backbone of the Financial Services Industry for its qualities of security, reliability, and availability. Now with OpenShift integration and DevOps capabilities, IBM Z continues to be a strategic component of your digital transformation. Join Rosalind as she talks about the latest enterprise technologies of Hyperprotect Virtual Servers, Confidential computing, and open CI/CD toolchains to support agility and cyber resiliency in your hybrid cloud environments.
Act Now, Before it’s Too Late
DevOps teams are being asked to move at break-neck speeds to deliver new and engaging customer experiences. You rely on automated software pipelines to deliver cloud applications fast and secure. But
one of these things is not like the others. Enterprise security is lagging, still trying to use people and outdated processes to govern continuously changing and fast-moving public clouds.
Traditional security and governance approaches break in the cloud. To operate their businesses successfully in the cloud, Financial institutions must rethink security governance. Join Don Duet, CEO and Founder of Concourse Labs and former Goldman Sachs CIO to learn what changes are required for effective cloud governance so that you can safely achieve digital transformation at scale.
Create Great User Experiences Using Legacy Banking Tech
How can financial companies create the experiences that customers expect when they are sitting on decades-old technology? OutSystems provides proven ways of delivering web & mobile applications, integrations, and new tech like chat bots, AI, and ML all on one platform. During this session, Keith will explain how established financial institutions are adopting low-code solutions in order to catch up to the fintech disruptors and provide examples of proven results.
Capital One’s Journey into the DevOps World
Capital One has been on a technology transformation journey for more than five years. It has been the first bank to exit data centers and move onto the public cloud. In this talk I will share a high level view of the transformation journey. I will also discuss some of the challenges that we faced and how we overcame them.
Database Devops For Financial Industry: Security And Audit
As financial institutions are adopting DevOps best practices to speed up application delivery the database remains the stumbling block causing delays, introducing risks, slowing down release cycles and wasting valuable internal resources. At the same time, compliance and audits are managed manually, complicating the process even further.
It is time to bridge the gap between the database and the CI/CD process in order to achieve faster release cycles and simplify compliance, security and auditing.
The Human Touch of Digital Transformation
To thrive in the new world, we require a thoughtful redefining of what is a humane and effective enabler of transactions. The financial industry's digital transformation has accelerated at an unprecedented pace due to COVID-19. Over the past 7 months, we have seen the digital adoption in areas like everyday banking and e-commerce that would have been expected to take 7 years.
We are in the business of trust. That's why our teams must adapt quickly with innovative solutions to meet rapidly changing consumer and human needs.
While we adapt by increasing the speed of digitization and technology transformation, we must step back and ask ourselves whether we are transforming in a way that engages those human needs and builds authentic connections with the customers and communities that we serve.
Join my session to learn how TD Bank is tackling these challenges while positioning ourselves to be the better bank of the future.
Auditors want proof that only the right people did what they were supposed to do, when they were supposed to do it. And they want that information now. Developers run for cover whenever release managers show up with an audit request in their hands. Audit-ready pipelines address both these problems.
At the same time, DevSecOps requires several core building blocks in order to become a reality: multiple connected tools, using only immutable objects managed by automated approval gates, all governed by centralized RBAC and end-to-end visibility and data (from code commit to production deployment.) In other words audit-ready release pipelines.
In this session, attendees see examples of what an audit-ready release pipeline looks like and how they can placate auditors quickly and not bring fear to your development teams.
DevOps Game Session with John Willis & Kevin Behr
Join us for this DevOps game session where Kevin Behr, co-author of The Phoenix Project will play the role of Bill Palmer and John Willis, co-author of The DevOps Handbook will be playing Eric Ried. They will be reimagining how these conversations would be different now in 2020. The session should be fun and informative, and insightful seeing how two leaders in the DevOps community look at the next 10 years of DevOps, DevSecOps, and Digital Transformation.
Managing Security and Risk throughout the Digital Transformation Process
With digital transformation in the financial service sector accelerating faster than ever, securing the leading edge of technologies and methodologies has never been more important.
Join financial services security leaders Andreas Wuchner, Group Head IT & Risk Governance at Credit Suisse, Upendra Mardikar, Chief Security Officer at Snap Finance (formerly with American Express, Visa, and PayPal), and Jyoti Bansal, Founder & CEO Traceable, AppDynamics, Harness, and Unusual Ventures.
This session will cover:
- What the current security stack is, and where are the gaps are with regards to protecting new architectures
- How and why security leaders need to foster partnerships with their development and DevOps teams
- What the role of security automation and emerging technologies are to enable that, and how to make existing personnel more efficient
What the Financial Services Industry Can Learn About Speed and Security From High Performance Open Source Development
With 40 million developers, 300,000 of open source projects, 500 billion open source package downloads annually -- what could go wrong? Or better yet, what could we get more right? As the financial services industry relies more and more on open source to innovate, it’s crucial to answer these questions.
In a two year long collaboration with Gene Kim and Dr. Stephen Magill, we objectively examined and empirically documented software release patterns and cybersecurity hygiene practices across 30,000 commercial development teams and open source projects. At the heart of our endeavor we looked at: what attributes can we use to identify the best open source project behaviors, what behaviors have been adopted by the best development teams relying on those projects, and what practices would produce the best security and productivity outcomes.
From yuan to the euro, everyone has security requirements. The players in the global financial services industry may differ in currency units, but share a common goal: software security. In 2017, it took three days for adversaires to exploit new vulnerabilities discovered in open source components resulting in the infamous Equifax breach. Since then, companies have made significant investments to not become the “next Equifax”. Eager to identify their next attack vector, adversary strategies have shifted ‘upstream’ to next generation software supply chain attacks where they can infect a single component that can be quickly distributed ‘downstream’ to hundreds or millions of unsuspecting developers. Their exploits are now achieved in seconds.
In this session, we’ll share the practices and outcomes we discovered that differentiate the low performers from the peak performers. You’ll understand how open source projects with 1.5x more frequent releases and 530x faster open source dependencies upgrades harness this speed to dramatically improve security within their code. You will also learn how high performance enterprise software development teams at some of the largest financial institutions are simultaneously boosting productivity and security - achieving 15x faster deployments and 26x faster remediation of application security vulnerabilities.
Finally, I’ll shed light on how we can all apply these exemplary practices to stay a step (or more) ahead of our adversaries. Don’t be afraid to upgrade your perspectives on application security and be sure to join this session.
Moving Fast When You Can't Break Things
In decades gone by the financial sector was seen as one of the pinnacles of software innovation. With the rise of technology giants e.g FAANG [Facebook, Amazon, Apple, Netflix, Google], the ability to be agile and move quickly has shifted public perception of innovation to high tech sector companies. With mottos such as “move fast and break things”, in the financial sector breaking things can have a grave impact on the financial markets and confidence.
To stay competitive and address customer needs and attract and retain modern development talent, financial services firms have been adopting Continuous Delivery. Not only for technology and business to consumer firms, Continuous Delivery is a spectrum that many financial service firms are on the journey to adopt. Learn in this talk about ways that financial service organizations can embrace the motto “move fast and don’t break things” with Continuous Delivery.
1. Balance of innovation vs control is always being fine-tuned.
2. Any improvement is an improvement and you don’t have to be deploying every 12 seconds like Amazon.
3. We judge confidence in people, process, and technology. Start incremental where it is easier than address the other points.
How to Avoid Paying Ransom Due to Your Cloud Security Vendor
Most cloud security solutions are not capitalizing on the great advancements that have taken place in the cloud-native deployments. This means the overhead of running these solutions is going to add huge costs to the overall compute and operational costs of the Kubernetes environment - Cluster Economics! A true cloud-native security approach should take full advantage of the cloud platform and its available controls. Learn how leveraging the cloud-native controls can help you save massive expenses.
Change Is Constant: Here’s How You Stay Resilient
Is your organization ready for the next big change? The COVID-19 pandemic wasn’t the first major economic disruptor and it certainly won’t be the last, so how can you make sure your teams are prepared to adapt and embrace change?
In this panel discussion, leaders in the DevOps and banking industries will discuss how to use DevOps to not only manage change, but stay ahead of the competition. Learn the strategies and systems you need to put in place now to be ready for the next big financial shift. Hear case studies of how financial institutions have used continuous delivery and value stream management to navigate disruption. We can’t predict the future, but we can use DevOps to set ourselves up for success in the face of new circumstances.
Bringing Discipline To The Cloud
Managing costs shifting from onsite data centers to the cloud is only the start of FinOps management of cloud resources. Seemingly every aspect of the business is using multiple cloud services from product teams in business units, IT and 3rd party software development efforts, and end user cloud-based productivity services. But FinOps is much more than just managing costs differently. Costs are variable, often hidden or undefined based upon a multitude of factors. Join Mitch Ashley, former CIO and CTO, to discuss an approach CFOs and C-levels can use to align cloud activities with measurable business outcomes.
Top 10 Organizational Change Management Anti-Patterns
The most difficult part of a digital transformation is getting people to invest in needed improvements and embrace new ways of working. It is all about organizational change management. Digital transformation leader, analyst, consultant and author, Gary Gruver, shares his experience with vital change management anti-patterns. Gary also builds from the work of Wharton School of Business professor and author, Jonah Berger.
Platform is Cake: A Layered Approach to Building an Enterprise-Scale Application Delivery Platform
Everyone needs an application delivery platform that provides the right developer experience for your application delivery teams. Whether you acquire an integrated platform or build one by integrating a set of tools, you need to craft the platform in a way to allow it to be scalable for the enterprise, and provide curated experiences for the myriad developer types, across the various technology stacks you have. This requires an underlying architecture that addresses all the four ‘layers’ of the platform ‘cake’. Namely - Environments, Software delivery lifecycle tools, Data, and Security and Compliance. Each layer is essential. Each layer is complex. Each layer is builds on the ‘flavor profiles’ of the other layers. Let’s learn how to bake this cake.
Sanjeev Sharma, author of the bestseller ‘The DevOps Adoption Playbook’ will share his lessons learned from his experience in the Financial Services sector that includes working in senior leadership designing, deploying and running successful Hybrid Cloud, DevOps, and DataOps driven transformations at several of the largest, most strategic banks and financial services organizations globally.
Sanjeev is currently the Head of Platform Engineering at Truist. Sanjeev is a former Distinguished Engineer at IBM, the former field CTO at Delphix, and a former principal analyst at Accelerated Strategies.