DevSecOps in Banking: A Unified Approach with GitLab and ServiceNow for Regulatory Compliance
Keywords:
DevSecOps, Banking, Regulatory Compliance, GitLab, ServiceNow, Risk ManagementAbstract
Regulatory compliance is a difficult task in the modern banking scene as strict rules & frequent audits put great strain on teams responsible for growth & as well as operations. Conventional compliance strategies cause conflict between agility & security as they typically fail to match the quick innovation cycles needed in the industry. This article investigates how well the use of a DevSecOps approach—including security measures throughout all phases of software development—may reduce these kinds of problems. DevSecOps lets teams deliver software quickly while keeping their regulatory standards by including these compliance checks right into the development process. This approach mostly depends on the smooth integration of GitLab and ServiceNow, two strong systems that taken together provide a complete solution for governance, deployment, and continuous integration. This paper presents a pragmatic design using this connection to provide a clear method of automating compliance activities in financial environments. A useful case study shows how well this approach can simplify these documentation, increase openness & automate policy execution. Institutions thereby acquire improved traceability, faster audit ready-madness & a significant reduction in compliance-related risks. This combined DevSecOps approach not only meets their legal needs but also lets financial organizations innovate with confidence & security.
Downloads
References
Zhou, Jihai. "DevSecOps: Integrating Security in DevOps for Financial Applications." Future And Fintech, The: Abcdi And Beyond (2022): 423.
Immaneni, Jayaram. "Securing Fintech with DevSecOps: Scaling DevOps with Compliance in Mind." Journal of Big Data and Smart Systems 2.1 (2021).
Sangaraju, Varun Varma. "Optimizing Enterprise Growth with Salesforce: A Scalable Approach to Cloud-Based Project Management." International Journal of Science And Engineering 8.2 (2022): 40-48.
Sanders, Geoffrey, et al. "Integrating zero trust and DevSecOps." (2021).
Kanstantsin, Zalialetdzinau. "Secure change management process: on the effectiveness of DevSecOps." Computer Science and Information Technology 10.4 (2022): 37-51.
SOLANKE, ADEDAMOLA ABIODUN. "Enterprise DevSecOps: Integrating security into CI/CD pipelines for regulated industries." (2022).
Ramaj, Xhesika, et al. "Holding on to compliance while adopting devsecops: An slr." Electronics 11.22 (2022): 3707.
Talakola, Swetha, and Abdul Jabbar Mohammad. “Leverage Power BI Rest API for Real Time Data Synchronization”. International Journal of AI, BigData, Computational and Management Studies, vol. 3, no. 3, Oct. 2022, pp. 28-35
Chaganti, Krishna. "Adversarial Attacks on AI-driven Cybersecurity Systems: A Taxonomy and Defense Strategies." Authorea Preprints.
Veluru, Sai Prasad. "Streaming Data Pipelines for AI at the Edge: Architecting for Real-Time Intelligence." International Journal of Artificial Intelligence, Data Science, and Machine Learning 3.2 (2022): 60-68.
Venkata, Baladari. "SMART PAYMENT SECURITY: A SOFTWARE DEVELOPER’S ROLE IN PREVENTING FRAUD AND DATA BREACHES." (2020).
Datla, Lalith Sriram. “Postmortem Culture in Practice: What Production Incidents Taught Us about Reliability in Insurance Tech”. International Journal of Emerging Research in Engineering and Technology, vol. 3, no. 3, Oct. 2022, pp. 40-49
Fresco, Matteo. DevOps: development of a toolchain in the banking domain. Diss. Politecnico di Torino, 2021.
Abdul Jabbar Mohammad. “Timekeeping Accuracy in Remote and Hybrid Work Environments”. American Journal of Cognitive Computing and AI Systems, vol. 6, July 2022, pp. 1-25
Balkishan Arugula. “AI-Driven Fraud Detection in Digital Banking: Architecture, Implementation, and Results”. European Journal of Quantum Computing and Intelligent Agents, vol. 7, Jan. 2023, pp. 13-41
Kupunarapu, Sujith Kumar. "AI-Driven Crew Scheduling and Workforce Management for Improved Railroad Efficiency." International Journal of Science And Engineering 8.3 (2022): 30-37.
Boda, Vishnu Vardhan Reddy. "CI/CD in FinTech: How Automation is Changing the Game." Journal of Innovative Technologies 2.1 (2019).
Vasanta Kumar Tarra, and Arun Kumar Mittapelly. “Predictive Analytics for Risk Assessment & Underwriting”. JOURNAL OF RECENT TRENDS IN COMPUTER SCIENCE AND ENGINEERING ( JRTCSE), vol. 10, no. 2, Oct. 2022, pp. 51-70
Datla, Lalith Sriram. “Infrastructure That Scales Itself: How We Used DevOps to Support Rapid Growth in Insurance Products for Schools and Hospitals”. International Journal of AI, BigData, Computational and Management Studies, vol. 3, no. 1, Mar. 2022, pp. 56-65
Boda, Vishnu Vardhan Reddy. "Winning at DevOps in FinTech: Real-Life Strategies and Success Stories." Advances in Computer Sciences 2.1 (2019).
Balkishan Arugula. “Knowledge Graphs in Banking: Enhancing Compliance, Risk Management, and Customer Insights”. European Journal of Quantum Computing and Intelligent Agents, vol. 6, Apr. 2022, pp. 28-55
Desai, Rajavi, and T. N. Nisha. "Best practices for ensuring security in devops: A case study approach." Journal of Physics: Conference Series. Vol. 1964. No. 4. IOP Publishing, 2021.
Chaganti, Krishna C. "Leveraging Generative AI for Proactive Threat Intelligence: Opportunities and Risks." Authorea Preprints.
Jani, Parth, and Sarbaree Mishra. "Governing Data Mesh in HIPAA-Compliant Multi-Tenant Architectures." International Journal of Emerging Research in Engineering and Technology 3.1 (2022): 42-50.
Talakola, Swetha. “Exploring the Effectiveness of End-to-End Testing Frameworks in Modern Web Development”. International Journal of Emerging Research in Engineering and Technology, vol. 3, no. 3, Oct. 2022, pp. 29-39
Allam, Hitesh. “Platform Engineering As a Service: Streamlining Developer Experience in Cloud Environments”. International Journal of Emerging Research in Engineering and Technology, vol. 3, no. 3, Oct. 2022, pp. 50-59
Hsu, Tony Hsiang-Chih. Practical security automation and testing: tools and techniques for automated security scanning and testing in devsecops. Packt Publishing Ltd, 2019.
Kupunarapu, Sujith Kumar. "AI-Enhanced Rail Network Optimization: Dynamic Route Planning and Traffic Flow Management." International Journal of Science And Engineering 7.3 (2021): 87-95.
Veluru, Sai Prasad. "Leveraging AI and ML for Automated Incident Resolution in Cloud Infrastructure." International Journal of Artificial Intelligence, Data Science, and Machine Learning 2.2 (2021): 51-61.
Vasanta Kumar Tarra, and Arun Kumar Mittapelly. “AI-Driven Fraud Detection in Salesforce CRM: How ML Algorithms Can Detect Fraudulent Activities in Customer Transactions and Interactions”. American Journal of Data Science and Artificial Intelligence Innovations, vol. 2, Oct. 2022, pp. 264-85
Tortoriello, Valentina. Definition of a DevSecOps Operating Model for software development in a large Enterprise. Diss. Politecnico di Torino, 2022.
Xu, Jun, ed. Future and fintech, the: Abcdi and beyond. World Scientific, 2022.
Jani, Parth. "Predicting Eligibility Gaps in CHIP Using BigQuery ML and Snowflake External Functions." International Journal of Emerging Trends in Computer Science and Information Technology 3.2 (2022): 42-52.
Mohammad, Abdul Jabbar, and Seshagiri Nageneini. “Temporal Waste Heat Index (TWHI) for Process Efficiency”. International Journal of Emerging Research in Engineering and Technology, vol. 3, no. 1, Mar. 2022, pp. 51-63
Allam, Hitesh. “Metrics That Matter: Evolving Observability Practices for Scalable Infrastructure”. International Journal of AI, BigData, Computational and Management Studies, vol. 3, no. 3, Oct. 2022, pp. 52-61
Carturan, Sara, and Denise Goya. "Major Challenges of Systems-of-Systems with Cloud and DevOps–a financial experience report." 2019 IEEE/ACM 7th International Workshop on Software Engineering for Systems-of-Systems (SESoS) and 13th Workshop on Distributed Software Development, Software Ecosystems and Systems-of-Systems (WDES). IEEE, 2019.
