How HMRC Digital secures services at scale | Equal Experts

Clients
Services
- Back
- Services
  Discover Equal Experts' services and how we've helped clients transform their business.
- Services
- Data: Make better decisions
  
  High-quality data on demand to empower your organisation to make better decisions.
- Design: Unlock value faster
  
  Strategic design thinking and user-centered research.
- Deliver: Increase the pace of innovation
  
  Security and operability with modern software engineering practices.
- Scale: Accelerate delivery and cost reduction
  
  Accelerated innovation and cost reduction of ownership as your organisation grows.
- Al: Responsible innovation coupled with engineering excellence.
  
  Gen AI may have just made the splash into the mainstream, but we’ve been working with AI for over 15 years.
Our people
- Back
- Our people
  A diverse community of software professionals, united by our values.
  Our people
- Our people - Overview
- Our people
Insights
- Back
- Insights
  Explore a curated list of case studies, industry trends, articles, webinars, and playbooks.
- Insights
- Data: Use. Explore. Avoid.
  
  Insights into what to use, explore or avoid when it comes to all-things data.
- Playbooks
  
  Good practice guides based on years of experience.
- Blog
  
  Industry and tech insight from our leading team of experts.
- Events
  
  Industry leading events our experts are attending
- Network Blogs
  
  Showcasing our network members' industry and tech insights who publish on their own platforms
- Case Studies
  
  Our work with clients across various industries around the world.
Join us
Contact us
- Back
- Contact us
  Our experienced teams deliver software all around the globe.
  Contact us
  Join us
- Contact us - overview
- Our offices

This event took place on Sep 07, 2022

WATCH THE EVENT

PRESENTERS

Ben Conrad | Head of Product for MDTP, HMRC

Gerald Benischke | AppSec Lead, Equal Experts

EVENT DESCRIPTION

HM Revenue & Customs is the tax collection authority for the United Kingdom government. The department is responsible for the collection of revenue (taxes and duties) from all UK taxpayers, be they citizens or businesses. We work together with the Government Digital Service (GDS) and other departments to ensure the services we provide are built to common strong standards.

This session peels back the covers on what it is like to secure HMRC’s digital tax platform, which is built on AWS and comprises 1000+ microservices built by 100 teams with ~1500 deployments a month. Security incidents such as Log4Shell and news reports of data leaks are always a risk to digital services, and at HMRC Digital we’re in a position to react quickly and confidently to incidents as they occur.

We’ll share some insights into how we’ve secured the microservices that run on the platform, including:

identifying vulnerabilities prior to live deployments
increasing buy-in from teams for service security
leaning on an opinionated tech stack to boost our security position
using a service catalogue and async chat comms to power security collaboration

We will also provide some recommendations on what you can do to get started with your own AppSec programme.

**
This talk takes place at:

8.30am BST

9.30am SAST

1pm IST

5.30pm AEST

**