The post-conference proceedings of ICDSA 2025 will be published in the SCOPUS-indexed Springer book series ‘Lecture Notes in Networks and Systems’.

Mr. Devi Prasad Guda

Data-Driven Application Security: Leveraging Telemetry for Intelligent Risk Management

Abstract:

Traditional approaches to application security often treat findings from security tools as isolated events, limiting their usefulness. This paper proposes a shift toward viewing application security through a data-centric lens, treating security outputs as continuous telemetry signals that provide insight into system health and development efficiency. By embedding structured security metrics (such as scan frequency, time-to-remediate, and recurring vulnerabilities) into engineering workflows, organizations can improve decision-making, prioritize effectively, and enhance response consistency. This approach enables real-time visibility, proactive risk management, and better collaboration between development, security, and operations teams. As security evolves, leveraging data as a strategic asset will be critical in driving maturity, forecasting risks, and integrating scalable, intelligent security practices into the software lifecycle.

Profile:

Devi Prasad Guda is a Lead Security Engineer with extensive experience in building secure software systems and defending enterprise environments against advanced cyber threats. He holds both CSSLP (Certified Secure Software Lifecycle Professional) and CISM (Certified Information Security Manager) certifications, reflecting his deep expertise in secure software development and strategic security management. With a strong focus on threat modeling, secure SDLC practices, and incident response, Devi Prasad has played a critical role in hardening systems across various industries. His work bridges the gap between software engineering and cybersecurity, enabling organizations to proactively mitigate vulnerabilities and reduce attack surfaces. Devi Prasad actively contributes to the security community through mentorship, secure architecture reviews, and the promotion of best practices in software and infrastructure security.