Session
Reachability-Aware Autonomous SOC: AI-Driven SBOM and CVE Remediation on Cloud Native Pipelines
In modern cloud native delivery, the speed of shipping outpaces the speed of security.
Vulnerability scanners produce thousands of CVEs against every release; engineering teams ignore most of them; and the ones that actually matter slip through.
The fundamental problem is not detection, it is decision and remediation at machine speed.
In this session, Himanshu walks through how to build a reachability-aware autonomous Security Operations Center directly into Kubernetes-native CI/CD pipelines. AI agents consume SBOMs and CVE feeds generated with Trivy, score vulnerabilities through reachability analysis (does this CVE actually touch a live code path?), and propose patches as policy-gated pull requests via Kyverno, OPA, and Argo CD. Falco and Tetragon provide runtime signals back to the agent loop, closing the cycle from runtime evidence to source-tree fix.
The talk covers the closed-loop architecture, the failure modes real teams hit.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top