Modern cloud-native CI/CD pipelines enable rapid software delivery but introduce new security challenges. We propose GenSecAI-Ops, a framework embedding specialized generative AI agents across the pipeline for proactive security and automated remediation. GenSecAI-Ops uses Retrieval-Augmented Generation (RAG) and eXplainable AI (XAI) for reliable security automation. Implemented using GitHub Actions and Jenkins, our framework demonstrates significant improvements in detection accuracy, remediation correctness, and developer trust while maintaining pipeline velocity. The approach provides a practical blueprint for integrating AI-driven security controls in DevSecOps workflows.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Leveraging Generative AI for Proactive Security and Automated Remediation in Cloud-Native CI/CD Pipelines

  • Akshay Mittal,
  • Vivek Venkatesan

摘要

Modern cloud-native CI/CD pipelines enable rapid software delivery but introduce new security challenges. We propose GenSecAI-Ops, a framework embedding specialized generative AI agents across the pipeline for proactive security and automated remediation. GenSecAI-Ops uses Retrieval-Augmented Generation (RAG) and eXplainable AI (XAI) for reliable security automation. Implemented using GitHub Actions and Jenkins, our framework demonstrates significant improvements in detection accuracy, remediation correctness, and developer trust while maintaining pipeline velocity. The approach provides a practical blueprint for integrating AI-driven security controls in DevSecOps workflows.