Jack Kleeman
Controlling outbound traffic from Kubernetes
We recently finished a major networking project which let us control internal traffic in our platform. And we've been thinking about how we can add similar security to network traffic leaving our platform.
We secured thousands of Cassandra clients to keep Monzo's data safe
Our security team at Monzo are working towards a 'zero trust' cluster, where an attacker inside our cluster would have no power.
We migrated Vault's storage with no downtime
We use Vault for secret management and credential issuance, and we've always configured it with the Cassandra storage backend. To help us scale, we moved to the S3 backend. But it was crucial we kept Vault available.
We built network isolation for 1,500 services to make Monzo more secure
We've been working on isolating the 1,500 services that power Monzo. The sheer size and complexity of our platform made this difficult. But by protecting us against compromised services, it makes Monzo more secure.
How our security team handle secrets
We recently designed a new system to manage secret information safely – from the keys that we use to sign your Mastercard transactions, to credentials for external services.
How we improved our staff VPN
OpenVPN is great, but there were some things we wanted to change.
Do you need a computer science degree to become a software engineer?
A lot of Monzo engineers don't have technology degrees. Here's their advice for budding developers.
The Refactathon: Cleaning up old code
We held an internal hackathon to improve some of the oldest code in the bank! Here’s why that’s good for our engineers and our customers.