Speaker

Satish Swargam

Lead Security Architect

Overland Park, Kansas, United States

Satish Chandra Swargam is a Lead Security Architect. Since joining Cerner, Satish has partnered with IP teams to implement Cerner's Secure Software Development Lifecycle, commonly known as "Secure From The Start". As part of this effort, Satish has assisted IP teams by conducting internal security assessments, performing threat modeling and designing the static code analysis rollout.
He has over 23 years of experience architecting, designing and developing web-based applications. In his previous jobs, he has worked on Machine Learning algorithms for self-organized clusters and concept search. He has conducted application security assessments with several partners for the Code Validation Program.

His previous external presentations have been on:
* Automated Mapping for Security Compliance @Ai4 Healthcare
* Parallelization of an Object-Oriented Three-Dimensional Burnett Equations Solver @AIAA
* Development of an object-oriented three-dimensional Burnett equations solver for computing hypersonic flows in continuum-transition regime @AIAA
* Eulerian finite element analysis of 3D machining @CFD
* Kinematics of Side Impact Dummies on side-facing Aircraft Seats @International Journal of Crashworthiness

Area of Expertise

  • Health & Medical
  • Information & Communications Technology
  • Agriculture, Food & Forestry

Topics

  • Application Security
  • Cloud Security Architecture
  • Continuous Security Validation
  • Architecture
  • Machine Learning & AI
  • Safety

Cerner Open Developer Experience

Cerner Open Developer Experience (code) encourages innovators to build apps that advance the health care industry through improved interoperability capabilities.

The validation process has four main categories of focus, which verify that a solution provides our clients with a great experience: security, functionality, user experience and operations. This process requires a minimum of two weeks to complete, but the actual duration varies based on the complexity of the application, the number of issues identified in the process and the responsiveness of the external developer.

Having collaborated on over sixty integrations, we will demonstrate the process and share our experiences with the code validation program in each of the four categories.

SMART on FHIR and Cerner Ignite APIs

Automated Mapping for Security Compliance

There are several security standards, guidelines and controls from different agencies such as NIST, DISA, GDPR and OWASP. It becomes a daunting task to go through all the security guidelines and controls to meet compliance. Development teams, production owners and security groups often have to complete duplicate responses when demonstrating adherence to security compliance.

The general security compliance requirements that remote hosting services need to meet (HIPAA / ISO / SOC / NIST / HITRUST) and an overview of the compliance roadmap will be presented.

Since there is overlap in the guidelines from the various security agencies, mapping them to common tasks improves operational efficiency and helps show compliance effectively.

A machine learning approach will be demonstrated to show how the mapping can be made easier for the security controls from different agencies. A consistent mapping with fewer human errors and a tool to facilitate grouping of related controls for security practitioners will be presented.

This technique can be applied to different document corpora, and examples from HITRUST, ASVS, STIGs and NIST will be demonstrated.

Proven statistical methods with NLP and innovative ways to perform concept search, score, rank, boost, group, relate and map raw documents will also be presented.
