Customer Success Story
Solaris offers their clients a completely digital Banking-as-a-Service platform to which other businesses can connect. This business model easily enables existing and new business to offer their own financial services. Solaris has chosen Amazon Web Services (AWS) as their strategic cloud platform partner for the development of their existing and upcoming digital products.
As a fully licensed bank, Solaris needs to meet very high security-requirements. Given that AWS provides the most complete and mature cloud ecosystem with a strong security focus, Solaris and AWS are a perfect fit. AWS offers more than forty ready-to-use security-related services, which no traditional on-premise datacenter can compete with.
Alice&Bob accompanied Solris, leveraging the power and capabilities of these security services, in order to further enhance their overall security posture.
Derived from agile threat modelling workshops, Alice&Bob covered and optimized several aspects of cloud security: Top priority was setting up intrusion & DDoS prevention. This also included the implementation of a continuous auditing service. AWS cloud services like GuardDuty, Shield, Config and Lambda have been prepared, set up, arranged and implemented, in order to protect accounts and workloads with intelligent threat detection and automated incident response.
Furthermore, the focus laid on the improvement of the Identity and Access Management (IAM). Service Control Policies (SCPs) helped to effectively manage and control guardrails consistently across the different accounts.
Additionally, security became an inherent component of Solaris’ CI/CD pipelines. More specific: with every code update released for their products, several automatic audits, vulnerability scans and compliance checks are evoked automatically. Thereby security controls are embedded into every phase of the software development process, making Solaris’ products secure by design. Solaris’ security has undergone a “shift left”.
To spread the knowledge around the organization Alice&Bob enabled and trained the team on the freshly implemented features. With their highly skilled, experienced and 100% certified team, Alice&Bob delivered custom trainings on AWS security as well as on AWS basics. This helped solarisBank to reinforce their security culture and accelerate their AWS cloud migration.
“Our teams had very productive collaborations with Alice&Bob. They validated and improved our architecture and design decisions, with a strong perspective on security. I really appreciate their in-depth technical knowledge and experience, combined with their passionate ‘can-do-attitude’.“, said Dennis Winter, Deputy VP TechOps at solarisBank.
As a technology company with a banking license, Solaris offers a completely digital Banking-as-a-Service platform to which other businesses can connect in order to offer financial services themselves. Solaris was founded in March 2016, after receiving a full banking license from the German regulator within just nine months.
The company is able to passport the license to other EEA countries in order to serve business partners in nearly any European country.