As microservices and complex platforms become the standard, ensuring secure connectivity while maintaining a smooth developer experience is a significant challenge. Traditional security models often introduce friction, slowing down innovation and deployment. Regulated industries must balance stringent security controls with the need for agility.
In this session, you will learn how Architecture as Code with CALM, an open-source initiative from FINOS, provides a structured approach to defining Patterns and Architectures that incorporate security and resilience from the start. You will see how CALM CLI can generate and validate architectures against predefined patterns, ensuring security compliance without compromising developer experience.
Through a live demo, you will observe how an initial deployment lacks security and how a threat model can be applied to highlight vulnerabilities. You will then learn how controls enforce security requirements, including Zero Trust principles to lock down the cluster. Finally, you will discover CalmHub and the Visualizer, tools that help review and maintain architectures over time.
Attendees will leave with a practical understanding of how to adopt Architecture as Code to streamline secure API connectivity, making compliance and security part of their deployment process.
Key Takeaways:
- Understanding the risks and complexity of secure API connectivity
- How CALM enables secure-by-design architectures
- Practical demonstration of CALM CLI and security controls
- Zero Trust and network segmentation in a microservices environment
- Visualizing and managing architectures with CalmHub
Target Audience:
Architects, platform engineers, DevSecOps professionals, and developers working in regulated environments or those seeking to improve security automation in their platforms.
Speaker
Jim Gough
Distinguished Engineer, API Platform Lead Architect @Morgan Stanley, Co-Author of Optimizing Java
James (Jim) Gough is a Distinguished Engineer and API Platform Lead Architect at Morgan Stanley, where he works on API strategy, security, and developer experience. A Java Champion, author, and conference speaker, Jim has contributed to the Java Community Process, co-authored Mastering API Architecture and Optimizing Cloud Native Java (O’Reilly), and leads open-source initiatives like FINOS Architecture as Code. Passionate about APIs, cloud-native architecture, and evolutionary design, he helps shape modern engineering practices across finance technology.
📘 Author of Mastering API Architecture and Optimizing Cloud Native Java | 🏆 Java Champion | 🎤 Speaker & Mentor
Date
Wednesday Apr 9 / 03:55PM BST ( 50 minutes )
Location
Whittle (3rd Fl.)
