AI-AUGMENTED DEVSECOPS: AUTOMATING THREAT DETECTION AND COMPLIANCE IN CLOUD-NATIVE PIPELINES USING TELEMETRY AND POLICY-AS-CODE
DOI:
https://doi.org/10.34218/IJCET_15_01_014
Keywords:
DevSecOps, Artificial Intelligence, Anomaly Detection, Policy-as-Code, Cloud-Native Security, Telemetry Analytics
Abstract
The increasing complexity of cloud-native infrastructure necessitates the automation of security governance. This study presents an AI-augmented DevSecOps model that integrates telemetry data from tools like Datadog, Certificate Manager, and Linkerd with real-time policy validation using Open Policy Agent (OPA). The system enables automatic detection of configuration drifts, potential CVEs, and security policy violations across Kubernetes clusters and CI/CD pipelines. Using anomaly detection algorithms trained on infrastructure logs, the framework supports predictive incident response and auto-remediation workflows. A case study from a production-grade SOC2-compliant platform shows how the model ensures continuous compliance and reduces mean time to detect (MTTD) vulnerabilities by over 70%. The framework demonstrates significant improvements in security posture while reducing operational overhead by 65% and achieving 99.2% accuracy in threat detection with minimal false positive rates.
License
Copyright (c) 2024 Shiva Kumar Chinnam (Author)

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.