Continuous pentesting in DevSecOps using AI agents
9
2:30 PM - 3:30 PM
A quarterly pentest is not a security program. It is a snapshot of an application that has already shipped four more releases since you ran it.
Your pipeline does not wait. Your attack surface does not wait.
The pentest being the slowest thing in your entire delivery cycle is a problem that tooling, not process, has to fix.
Shiva Krishna Samireddy, Head of Research, and Prakash Ashok, Head of Security, have spent more time breaking pipelines than most teams spend building them.
This session is them showing what continuous AI-driven pentesting looks like in a real DevSecOps environment with working integrations, live triage decisions, and the parts nobody puts on a roadmap slide.
What we'll cover:
1 - Why pentesting as a one-time event is a compliance checkbox and what it actually takes to make it continuous, verified, and pipeline-native
2 - How AI connects scattered low-severity findings into full attack paths your scanners would flag individually but never correlate on their own
3 - Why your CVSS scores are giving you a severity grade and not an exploitability answer, and what Strobes AI uses instead
4 - How to cut scanner noise before it reaches your team's backlog, rather than triaging it manually after the fact
5 - How to wire continuous pentesting into GitHub Actions, GitLab CI, and Jenkins without touching a single release gate
6 - How findings land directly in Jira, Slack, and PRs with fix guidance, so developers can act on without a security intermediary
7 - How Strobes AI auto-verifies patches after they deploy, so re-testing stops being a manual cycle nobody has time for
8 - How an organization-wide security knowledge base makes every future pentest faster and more accurate than the last
9 - How AI triage logic learns your environment over time, and why false positive rates keep dropping the longer you run it
10 - How to turn pentest data into a risk narrative that leadership can act on, instead of a vulnerability count that they cannot.
Who should attend:
- Product security engineers
- DevSecOps and DevOps engineers
- Cloud security engineers
- AppSec practitioners
- Security program managers
- Cloud and infrastructure engineers
**45 minutes of open content. Live Q&A at the end. **
Recording goes out within 24 hours to everyone who registers, whether you attend live or not.
If you are the person responsible for making security work inside a pipeline that was never designed for it, this webinar is perfect for you.
Speakers
Prakash Ashok
Head of Security
Prakash is the Head of Security at Strobes, working across the tools and pipelines that power modern security programs, including cloud (AWS, Azure), application security, containers, CI/CD, and agentic AI.
He focuses on scaling security and compliance through automation and AI-assisted operations, with experience in threat simulation and vulnerability management.
In this session, he will share how security teams can operationalize AI-driven pentesting within real-world pipelines and make it work at scale.
Shiva Krishna Samireddy
Head of Research
Shiva drives rapid advancement in security innovation, engineering, and delivery at Strobes, including the agentic AI ecosystem that powers the platform. His team stays ahead of emerging threats, validates exploitability, and ensures the intelligence behind Strobes reflects where the threat landscape is actually heading. When the platform makes a call on risk, it is because Shiva's team has already done the hard work of proving it is right.
Replays
See all
9
2:30 PM - 3:30 PM