DSC India

Power of AI: DevSecOps & Cloud Artifact Signing Explored

with Balasaheb Salunke, Srinivas Vungarala
play_circle

Description:

  1. Session 1: How is AI shaping up DevSecOps by Srinivas Vungarala
  2. Session 2: Exploring Cloud Artifact Signing with Notary and Cosign for trust and integrity with Balasaheb Salunke

Session 1: How is AI shaping up DevSecOps
AI is playing a significant role in enhancing the capabilities of DevSecOps engineers by automating vulnerability scanning and analysis, threat intelligence and monitoring, security automation and orchestration, predictive analytics and risk assessment, code analysis and review, and security testing and validation. AI-powered tools can help DevSecOps engineers identify and remediate vulnerabilities early in the development cycle, detect potential threats, detect anomalies, and provide early warning notifications. AI can support continuous monitoring and compliance, security automation and orchestration, predictive analytics and risk assessment, code analysis and review, security testing and validation, and automated security testing. AI-powered tools can automate routine security tasks, such as log analysis, incident response, and policy enforcement, allowing DevSecOps engineers to focus on more complex security issues and strategic initiatives. AI can also automate security testing by analyzing code, identifying vulnerabilities, and suggesting remediation measures.

Session 2: Exploring Cloud Artifact Signing with Notary and Cosign for trust and integrity
In the rapidly evolving landscape of Cloud and cloud native adoption ensuring the trust and integrity of software artifacts is of supreme importance.
In this talk, we will go over the need for trust and integrity in cloud territory. We will discuss the principles behind cloud artifact signing, including the use of digital signatures, transparency logs, and the role of public key infrastructure. We would also understand what tools are available to support cloud artifacts signing and their comparison. We can demonstrate the image signing using Notary as well as Cosign.

Join the Community!
If you haven’t joined the Discord community, please do so! You can find us on Discord at: https://devseccon.io/discordcommunity

Tags:

AIinSecurity
CloudArtifacts
DevSecConIndia
DevSecOps
NotaryAndCosign

Balasaheb Salunke

Software Architect at Qualys

About Balasaheb Salunke

Balasaheb Salunke has accumulated a decade’s worth of expertise in the field of Information Security. I have had the opportunity to work with a top-tier Dynamic Application Security Testing (DAST) scanner in the industry. Currently, I hold the position of Software Architect, specializing in Container and Cloud security. My areas of interest lie in system-level development and security.

Srinivas Vungarala

Software Engineering Manager, Identity and Access Management. at Wells Fargo Technology India & Philippines

About Srinivas Vungarala

Srinivas V. leads the Provisioning and Reconciliation team as a part of Identity and Access Management Engineering function at Wells Fargo Technology India & Philippines. Srinivas has 13 years of experience in the
Information & Cybersecurity domain. Prior to joining Wells Fargo in 2020, he was with Target Corporation, Cognizant Technology Solutions, and Ramco Systems in course of which he was responsible for delivery of multiple complex projects on IAM implementation and consulting. Srinivas holds a Master’s degree in Computer Science and a certificate in General Management Programme for IT Executives (GMITE) from IIM Bangalore. He is a Certified Information Systems Security Professional (CISSP) and is Cybersecurity certified (CC) from ISC2.

Srinivas enjoys reading and music and is interested in spiritual wellness.

We use cookies to ensure you get the best experience on our website.Read Privacy Policy
close