Security Architecture Support to a Government Client

About the client
The client required two public-facing systems, to be implemented by a development partner:
- a central payments platform to enable public sector organisations to make secure payments to payees
- an identity platform to enable users to securely sign in and prove their identity to a variety of public services
AWS and Kubernetes Security Architecture
ControlPlane was engaged by the client’s chosen implementation and development partner to provide security architecture and threat modelling services during development of the Kubernetes-based common platform, and through-life security support to the running applications.
Challenges
The client faced the following challenges:
- limited insight into the security controls required at each delivery phase, necessitating assistance from container and Kubernetes security experts
- limited understanding of the threat actors most likely to target the organisation and of the most probable attack paths
Solutions
ControlPlane helped the client in the following ways:
- Development of a comprehensive threat model to identify and assess potential security risks at every phase of the project.
- Close collaboration with the development teams to refine security stories, translating them into actionable security controls within each agile sprint.
- Regular presentations to key stakeholders with the threat model and the corresponding security controls for important milestones, fostering transparency and understanding.
- Supporting the client’s compliance goals by aligning each security control with established industry standards such as NIST, OWASP, and CIS.
Business outcomes
The client successfully established secure and robust payments and identity platforms, meeting its business goals while maintaining strong security standards. ControlPlane’s threat model-driven approach, collaboration with development teams, stakeholder communication, and adherence to industry best practices ensured the projects’ overall success.