Rootconf 2025 Annual Conference CfP

Rohit Raveendran

@rrr0hit

Zero-Trust Security Architecture for Fintech: Implementing Compliance Automation with Istio, OPA, and Kubernetes

Submitted Apr 4, 2025

Title

Zero-Trust Security Automation: Streamlining Fintech Compliance with Service Mesh and Policy-as-Code

Abstract

How do you maintain regulatory compliance in fintech without creating security bottlenecks? Traditional approaches force a choice between security and velocity, creating deployment friction that frustrates developers. This session demonstrates a zero-trust architecture using Istio, OPA, and Kubernetes that automates compliance verification while accelerating deployment frequency.

Description

Financial services face stringent regulatory requirements that often result in manual approval processes, slowing innovation and frustrating development teams. Microservice architectures compound this challenge by exponentially increasing the number of service-to-service connections requiring security validation.

This session demonstrates a production-tested architecture that implements automated compliance verification at scale:

  1. Service Authentication Layer - We’ll examine the implementation of Istio’s mTLS for cryptographic identity verification and how to properly manage certificate rotation without disrupting services.

  2. Policy Enforcement Points - Through code examples, we’ll show how to integrate OPA with Envoy sidecars to implement context-aware authorization decisions that enforce regulatory boundaries automatically.

  3. Declarative Security Compliance - We’ll demonstrate our open-source Kubernetes operators that continuously validate security posture against compliance requirements without manual checkpoints.

The presentation will include detailed architecture diagrams and live demonstrations of the GitOps workflow that enables security policies to evolve through the same CI/CD pipelines as application code.

Attendees will learn:

  - Implementation patterns for automating mTLS certificate management at scale

  - Techniques for building OPA policies that enforce regulatory requirements

  - Methods for implementing declarative security policies with full audit capabilities

  - Practical approaches for integrating security tooling with developer workflows

This architecture enables security teams to shift from gatekeepers to enablers by automating compliance verification while providing developers with self-service capabilities that maintain security boundaries.

About:

Rohit Raveendran is a co-founder and VP of Engineering at Facets.cloud. A Java and Kubernetes enthusiast, Rohit has a decade of development experience in backend and infrastructure. An IIT-Kharagpur graduate, he joined Capillary Technologies and rose to Principal Architect. During his time at Capillary, he worked on implementing Platform Engineering, enabling developer self-service, and developing a solution that mitigated long-standing DevOps challenges.
