7th International Conference on Communication and Intelligent Systems (ICCIS 2025)

Mr. Rajat Kumar Gupta

AI-Enhanced API Security: Accelerating Detection Accuracy and Reducing Vulnerability Resolution Time in CI/CD Pipelines

Abstract:

As organizations embrace cloud-native architectures and microservices, API security threats have grown exponentially, with broken object-level authorization and mass assignment vulnerabilities becoming critical attack vectors. Traditional static analysis tools fail to detect such runtime vulnerabilities, leaving up to 40% of logic flaws undetected in production environments.
This session explores how AI-driven security scanning tools such as Catalina and OWASP ZAP integrate into CI/CD pipelines to transform API security posture. By leveraging behavioral analysis, anomaly detection, and predictive threat modeling, organizations have achieved up to 30% higher detection accuracy and 50% fewer false positives compared to signature-based methods. We present a structured implementation framework for embedding security gates across the SDLC, enabling real-time vulnerability feedback and risk-based prioritization using ML-based scoring systems. Case studies show how automated remediation engines reduce mean time to resolution (MTTR) by up to 45%, aligning vulnerability fixes with sprint cycles and improving developer productivity. Finally, the session highlights emerging trends, including federated learning for cross-organization threat intelligence and explainable AI for transparent vulnerability decisions, offering a roadmap for organizations at different maturity levels to scale AI-enhanced API security effectively.

Profile:

Rajat Kumar Gupta is a seasoned software engineer with over 17 years of experience in developing scalable backend systems, cloud security platforms, and secure content delivery solutions. Currently a Principal Member of Technical Staff at Oracle, Rajat leads security automation and data platform initiatives for Oracle Cloud Infrastructure (OCI), driving innovations in API vulnerability management and compliance workflows. His prior roles spanned industry giants such as Amazon, AWS, Discovery Inc., and Adobe, where he contributed to critical systems, including AWS S3 log analytics, Discovery+ identity and access management, and Adobe Primetime DRM. With deep expertise in Java, Python, AWS, OCI, Kubernetes, and advanced security protocols, he has delivered numerous enterprise-grade solutions across cloud infrastructure, digital rights management, and PDF processing. Rajat holds a Master’s in Computer Science from IIT Guwahati and a Bachelor’s in Engineering from the Government Engineering College, Bikaner. He is also credited with a patent on high-speed image redaction and has published research in IEEE on wireless network handoff mechanisms.