RFA launches DevSecOps service to mitigate crypto fund theft
27 September 2021 UK
Image: fotomek
RFA, a financial cloud and cybersecurity provider, has launched a development security operations (DevSecOps) service and an application lifecycle management as additions to its data management suite of services, to help mitigate the theft of crypto funds.
The shift in the sophistication of cyber-attacks means development of open source projects, products, or initiatives by development teams can be at greater risk of cyber breach.
After a year of testing the DevSecOps, RFA has integrated the programme into its deployment practice which performs a static code analysis against security vulnerabilities during the build process.
An early adopter of new technologies and development practices, RFA is also supporting its clients to embrace the principles of open exchange and collaborative participation with its new application lifecycle management tool.
Focusing on providing working options, as well as continued decentralised cybersecurity for endpoints, staff and behavioural analysis, RFA's wider managed security service combines monitoring of endpoints, networks, applications and web resources with user behaviour analytics and investigations by teams based in a dedicated security operations centre (SOC).
Commenting on the launch of the DevSecOps service, Yohan Kim, CEO at RFA comments: “Several instances of theft at crypto funds were due to a lack of code security. Code was manipulated by hackers to reroute funds while the company was unaware of the changes during deployment into production. RFA's DevSecOps process protects our applications as well as our clients’ applications to greatly reduce these types of exploits."
George Ralph, RFA's global managing director and chief risk officer, says: "Our DevOps team have made great advances in the last year to support our clients with ongoing security challenges created by the rise in cyber criminals’ activity.”
He adds: “Cybersecurity is a key concern for traditional funds but also for newer digital asset funds entering the market and at RFA we are well equipped to provide leading service and solutions to all alternative asset managers."
The shift in the sophistication of cyber-attacks means development of open source projects, products, or initiatives by development teams can be at greater risk of cyber breach.
After a year of testing the DevSecOps, RFA has integrated the programme into its deployment practice which performs a static code analysis against security vulnerabilities during the build process.
An early adopter of new technologies and development practices, RFA is also supporting its clients to embrace the principles of open exchange and collaborative participation with its new application lifecycle management tool.
Focusing on providing working options, as well as continued decentralised cybersecurity for endpoints, staff and behavioural analysis, RFA's wider managed security service combines monitoring of endpoints, networks, applications and web resources with user behaviour analytics and investigations by teams based in a dedicated security operations centre (SOC).
Commenting on the launch of the DevSecOps service, Yohan Kim, CEO at RFA comments: “Several instances of theft at crypto funds were due to a lack of code security. Code was manipulated by hackers to reroute funds while the company was unaware of the changes during deployment into production. RFA's DevSecOps process protects our applications as well as our clients’ applications to greatly reduce these types of exploits."
George Ralph, RFA's global managing director and chief risk officer, says: "Our DevOps team have made great advances in the last year to support our clients with ongoing security challenges created by the rise in cyber criminals’ activity.”
He adds: “Cybersecurity is a key concern for traditional funds but also for newer digital asset funds entering the market and at RFA we are well equipped to provide leading service and solutions to all alternative asset managers."
← Previous industry article
MarketAxess extends global fixed income trading network to China’s Bond Market
MarketAxess extends global fixed income trading network to China’s Bond Market
NO FEE, NO RISK
100% ON RETURNS If you invest in only one asset servicing news source this year, make sure it is your free subscription to Asset Servicing Times
100% ON RETURNS If you invest in only one asset servicing news source this year, make sure it is your free subscription to Asset Servicing Times
