As the financial industry accelerates digital transformation, microservices architecture has become essential for achieving agility, scalability, and operational efficiency. At Cathay, the IPE (中台) microservices extensively, yet faces growing challenges in managing software vulnerabilities, cryptographic security, and AI model governance.
This session will introduce Cathay’s strategic adoption of SBOM (Software Bill of Materials), CBOM (Cryptographic Bill of Materials), and AIBOM (AI Bill of Materials) as foundational tools for securing the microservices supply chain:
SBOM: Enhances visibility into third-party and open-source components for proactive vulnerability management.
CBOM: Catalogs cryptographic assets to address post-quantum threats and regulatory requirements.
AIBOM: Tracks AI model metadata for responsible AI governance and risk assessment.
Through real-world practices, this session will demonstrate how Cathay transforms these concepts into practical governance frameworks—strengthening security, ensuring compliance, and maintaining trust in a fast-evolving fintech landscape.