Arpit Nigam
Chapter Lead DevSecOps @ EPAM Systems | Ex Mercedes Benz US, Ericsson
Bengaluru, India
Actions
Arpit Nigam is a DevSecOps and MLOps engineer with expertise in Kubernetes security, cloud infrastructure, and compliance. He has worked at Leena AI, Apollo 247, myAster, Mercedes Benz USA, and Ericsson India, optimizing distributed systems and security workflows. Skilled in Falco, eBPF, Terraform, Kafka, and Kubernetes, he focuses on runtime security and cost optimization. A mentor and speaker, Arpit shares insights on cloud-native security at CNCF events.
Links
Area of Expertise
Topics
How Gateway API Enables DevSecOps in GitOps-Driven Environments
As Kubernetes environments mature, organizations are moving beyond basic Ingress toward a more secure, scalable, and GitOps-friendly networking model. Enter the Gateway API — a powerful evolution in Kubernetes traffic management that brings modularity, flexibility, and policy enforcement into the DevSecOps workflow.
In this session, we’ll explore how the Gateway API enables secure, declarative traffic control aligned with GitOps principles. We’ll walk through how teams can separate concerns between platform and application teams, use ReferenceGrants to safely delegate routing, and enforce security policies such as TLS, traffic validation, and least-privilege routing — all through version-controlled manifests.
Whether you’re deploying services across multiple teams, looking to shift security left, or trying to avoid configuration drift in production — this talk will show how Gateway API can be the missing link between networking, security, and GitOps automation.
Unpacking Containers & Virtualization: Modern Infrastructure for Scalable Applications
Unpacking Containers & Virtualization: Modern Infrastructure for Scalable Applications
This session will cover:
• Virtual Machines vs. Containers – Understanding the key differences, advantages, and trade-offs.
• Container Runtimes & Orchestration – How Docker, containerd, and Kubernetes enable efficient deployment.
• Performance & Security Considerations – Best practices for securing and optimizing workloads.
• Hybrid & Multi-Cloud Deployments – Strategies for leveraging containers across cloud environments.
• Real-World Use Cases – How enterprises use containers for microservices, CI/CD, and scalable applications.
• Future Trends – The evolving role of containers and virtualization in cloud-native computing.
This session will provide actionable insights for beginners and experienced engineers looking to optimize their infrastructure.
Secure by Design: Embedding DevSecOps into Your GitOps Workflows
In the world of GitOps, our infrastructure is only as strong as the security of the pipelines that manage it. As organizations move faster with GitOps automation, they often unintentionally open new security gaps — from misconfigured access controls to vulnerable container images and unchecked drift in production.
Also as with GitOps the repository with main or master branch becomes the single source of truth it becomes more risky while we implement the GitOps using ArgoCD or FluxCD.
This talk bridges the gap between DevOps efficiency and security resilience by demonstrating how to embed DevSecOps principles directly into GitOps workflows. Will be talking about how to protect the crucial branches and other strategies around it.
I'll walk you through real-world patterns to shift security left in GitOps: integrating vulnerability scanners, automating policy enforcement using policy-as-code frameworks like OPA Gatekeeper and Kyverno, managing secrets safely, and building secure promotion workflows across environments.
Attendees will leave with actionable strategies to build GitOps pipelines that are automated, observable, and secure by design — not as an afterthought.
Whether you're scaling GitOps across dozens of clusters or just getting started, this talk will equip you to anticipate security risks and proactively defend against them, without slowing down innovation.
Through examples and a live demonstration, we'll show how security and GitOps can evolve together — achieving continuous delivery with continuous trust.
Beyond Logs: Leveraging eBPF & Falco for Real-Time Kubernetes Threat Detection
Traditional security in Kubernetes relies on logs and audit trails, often leading to delayed threat detection and high overhead. Falco, a CNCF project, uses eBPF (Extended Berkeley Packet Filter) to monitor system calls in real time, detecting threats like unauthorized access, privilege escalation, and suspicious network activity—without impacting performance.
This talk will cover:
• Why traditional security monitoring falls short in Kubernetes
• How eBPF enables lightweight, real-time detection
• Falco’s architecture and use of eBPF probes
• Practical threat detection examples (e.g., kubectl exec abuse)
• Best practices for integrating Falco into security workflows
Through a live demo, we’ll showcase how Falco instantly detects malicious behavior inside containers. Attendees will gain insights into modern Kubernetes security and how eBPF enhances observability for proactive threat detection. Ideal for security engineers, SRE & DevSecOps teams securing cloud-native environments.
Cloud Native & AI Day: "Beyond ChatBots — Let’s talk about Agentic Stack." User group Sessionize Event
Arpit Nigam
Chapter Lead DevSecOps @ EPAM Systems | Ex Mercedes Benz US, Ericsson
Bengaluru, India
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top