Comprehensive Approaches to Software Supply Chain Security

code red code red

Developing software in the highly regulated FinTech industry presents unique challenges due to the complexity and risks involved. Regulatory frameworks significantly impact architecture decisions, requiring attention to compliance and data security standards.

Also, the ever-evolving cybersecurity threats require continuous attention and proactive steps to protect financial data and customer information.

Since oversight in security results in significant financial losses and damage to the company's reputation, it's crucial to adopt robust security measures and compliance protocols.

In this talk, we dive into:

  • The real-world case studies of a security-centric approach to architecture. Even if you are not involved in FinTech, you will learn ways to enhance your system's security. 
  • We explore the Secure Development Standards and the influence of the PCI Data Security Standard on software development and architecture. Additionally, I will show how to identify security vulnerabilities early in the development cycle and ensure that only verified, secure code is deployed to production environments.
  • We will discuss security risk assessment and mitigation methodologies.
  • Lastly, I will showcase automation within our CI/CD pipeline, demonstrating how it streamlines fast deployment while ensuring security remains paramount.


Mykhailo Brodskyi

Principal Software Architect @PagoNxt, Member of the Architecture Board and the Global Enterprise Architecture, Previously @Hilti and @GlobalLogic

I am a Principal Software Architect at PagoNxt (Santander Company), in Munich, deeply rooted in the FinTech industry. In my current role, I lead numerous business-critical projects, focusing primarily on secure platform architecture enhancements and the challenging task of migrating over 100+ application modules from traditional data centers to the Cloud. As a member of the Architecture Board and the Global Enterprise Architecture, I play a key role in shaping our target platform architecture. Additionally, being part of the Leadership team allows me to contribute to strategic decision-making processes, driving innovation and the continuous improvement of our delivery and efficiency in our solutions.

Read more
Find Mykhailo Brodskyi at: