Securing the Bridge Between Internal Banking Networks and Public Open Source
Stop fighting the corporate firewall. Start using GitProxy.
For developers in regulated banking, pushing to external code repositories such as GitHub is a problem: it represents a vector by which private or secret organisational information could be accidentally or deliberately exfiltrated. So how can you commit to Open Source projects from behind the firewall?
GitProxy is the solution. Join Elspeth Minty and Thomas Cooper from RBC to implement the "Smart Airlock" that sanitizes the connection between your internal network and public open source—giving developers the access they need while satisfying the strict controls InfoSec demands.
Workshop Description
A workshop deep dive into how GitProxy works, how to set it up and configure it in your organization, and how to improve it. This session is designed for OSPOs, Developers, and Infrastructure Engineers in firms wanting to make the most of open source contribution and compliance without compromising security.
In this hands-on session, we will cover:
- Architecture: How GitProxy sits between your internal developer environment and the public internet.
- Configuration: Setting up allow-lists, block-lists, and approval workflows for new repositories.
- Audit Trails: Logging every clone, push, and pull to satisfy internal audit requirements.
Who Should Apply?
This session is critical for the "Gatekeepers" of the bank's infrastructure:
- Network & Infrastructure Engineers: Who manage the corporate proxy and are tired of one-off firewall requests.
- AppSec & InfoSec Leads: Who need to prevent IP leakage (accidentally pushing internal code to public GitHub).
- DevOps Architects: Who want to speed up CI/CD pipelines that rely on public dependencies.
- OSPO Heads: Who need a technical enforcement mechanism for their contribution policies.
What You Will Walk Away With:
- Deployment Guide: A step-by-step blueprint for deploying GitProxy.
- Policy Patterns: Examples of "Gold Standard" security policies used by peer banks to whitelist trusted organizations (e.g., FINOS, Apache) while blocking high-risk repos.
- Audit Readiness: How to generate the exact reports your Internal Audit team needs to sign off on open source access.
Prerequisites
- Laptop Required: You will be reviewing configuration files and architecture diagrams.
- Network Knowledge: Understanding of HTTP Proxies, SSL Inspection, and Firewalls is highly recommended.
- Git Proficiency: Basic understanding of Git protocols (HTTPS/SSH).
Logistics & Application
- Date: Monday, April 13, 2026
- Time: 1:00 PM – 5:00 PM ET
- Location: Toronto Financial District (Venue details provided upon acceptance)
- Cost: Free for approved applicants (Standard Value: $500)
Note: Due to the hands-on nature of this session, seating is strictly limited to 40 participants. Priority will be given to individuals from FINOS Member financial institutions and regulated industries.
