Securing our software supply-chain better with reproducible builds for enclaves

Hello! I am Nico, part of the Engineering team within Security here at Monzo :building_construction:

In order to keep our customers safe, we put a lot of care into protecting some of our most sensitive workloads by running them inside AWS’ secure enclaves. We have recently learnt a lot about protecting these against supply chain attacks, specifically by achieving bit-by-bit reproducible builds. To do this, we have adopted Nix :snowflake:, an alternative to Docker for build environments.

Our new approach is radically different from AWS’ and it gives us even more confidence that we keep our infrastructure secure. So we decided to write about it and open source it! You can find the blog here:

Feel free to ask me anything!

20 Likes

‘Tom’ has a good point - it’s a valid [anything] question which can be dropped here.

2 Likes