True Story of Implementing SecDevOps in FinTech

In the Financial industry, Application Security is often underscored by the focus on compliance issues - until an incident happens. After a recent hack of a bank in Pakistan, all the Security Personnel, Information Security Assessment Companies were choked with their limited resources. This is when they jumped on the opportunity to Implement, and then market DevSecOps to the greater market. We implemented the fundamentals of Application Security, starting from the basics of Application Security Scanning (SAST / DAST), to systems hardening, and ultimately take on PA-DSS audits head-on. We then successfully implemented automation across all security efforts.