Post by Ashish Sahu

Software Engineering Manager @ Visa | Security Automation · Python · GenAI Agents · Vulnerability Management · SSDLC · LangGraph · RAG

"The security tools which were used 3 years ago can't handle the infrastructure we're running today" Cloud environments don't stand still. But a lot of security practices do. In 2021, "securing your application" meant SAST scans, dependency checks, and maybe a WAF. Today, you're dealing with: - Hundreds of microservices with independent deployment cycles - IAM roles sprawling across multi-account AWS, Azure, or GCP setups - AI workloads introducing entirely new attack surfaces. - Third-party APIs and SaaS integrations your security team didn't approve The perimeter is gone. The blast radius of a single misconfiguration has never been larger. And yet — most teams are still triaging findings in spreadsheets and chasing ticket SLAs manually. What's actually changing the game right now: - AI-powered remediation agents that reason over asset context before routing a finding to an engineer - Policy-as-code (OPA, Cedar) making security rules version-controlled and testable like software - Graph-based identity analysis exposing privilege escalation paths that linear IAM reviews miss - Agentic security workflows replacing manual SOC Tier-1 tasks with auditable, automated decision chains We're at an inflection point. The teams pulling ahead aren't the ones with more analysts — they're the ones treating security as an engineering problem and automating the operational layer aggressively. Curious: which of these shifts is your team feeling most right now? #CyberSecurity #CloudSecurity #DevSecOps #SecurityAutomation #AgenticAI #AIinCybersecurity #PolicyAsCode #ZeroTrust #EmergingTech #SecurityEngineering