For the National Australia Bank (NAB), operating across multiple cloud environments and delivery platforms is a necessity but results in a critical challenge - fragmented visibility and the costly reality of "design once, build thrice" security controls. Learn how NAB moved beyond compliance to empower every engineering team with a unified view of risk, achieving security at speed and scale.
What this session is about
Playbook
Editorial commentary · what to actually do about this on Monday
The concept
Multi-cloud security via unified posture management. Stop "design once, build thrice" by abstracting policy from cloud-specific primitives.
Why it matters
Banks live multi-cloud whether they want to or not — M&A, regional regulations, vendor diversification, redundancy. Single-cloud policies don't scale.
The hard parts
Each cloud's primitives differ. Abstractions leak. A policy that works for IAM on AWS doesn't translate cleanly to Azure RBAC.
Playbook moves
(1) Codify policies in a cloud-agnostic layer — a CSPM tool or policy-as-code framework. (2) Push enforcement into dev pipelines (block at PR), not at runtime. (3) Accept that some policies will need cloud-specific implementations; document why.
The surprise
Multi-cloud security is mostly a *metadata* problem. What assets exist, where, owned by whom, classified how? Solve metadata first; controls fall out of metadata. Most orgs put the controls before the metadata and end up with controls they can't enforce.
---
Independent editorial perspective — not an official AWS or speaker statement. Designed for executives evaluating what to brief their teams on next.
Live updates related to this session LIVE
Sourced via Parallel AI Monitor — continuous web watch on 21 topical streams. Updated .
- devblogs.microsoft.com high confidence Agent governance & policy gating
Microsoft Agent Framework at BUILD 2026
SailPoint announced 'Agentic Fabric,' which extends identity security to AI agents, providing visibility, ownership, and machine-speed threat response to govern AI agent behavior.
- composio.dev high confidence Agent governance & policy gating
MCP Gateway
Merge.dev launched Merge Gateway and the Merge Agent Handler, acting as a control plane for production AI by replacing multiple MCP servers with a single secure layer for authentication and operation.
- claudemarketplaces.com high confidence Agent governance & policy gating
AxioRank — Agent Firewall | MCP Servers
PolicyLayer has emerged as a hosted MCP security gateway that provides deterministic policy enforcement on every tool call to ensure secure agent interactions.
- aithority.com high confidence Agent governance & policy gating
Operant AI Launches MCP Gateway: Enterprise-Grade Runtime ...
Merge.dev launched Merge Gateway and the Merge Agent Handler, acting as a control plane for production AI by replacing multiple MCP servers with a single secure layer for authentication and operation.
- policylayer.com high confidence Agent governance & policy gating
PolicyLayer | MCP Security Gateway & Policy Enforcement for ...
PolicyLayer has emerged as a hosted MCP security gateway that provides deterministic policy enforcement on every tool call to ensure secure agent interactions.
External links matched to this session via topic relevance. The KB does not endorse third-party content; verify before citing.