In this conversation at the AWS Financial Services Symposium, Paul Davis, field CISO at JFrog, joins theCUBE Research’s Dave Vellante and Scott Hebner to explore how financial institutions are scaling operations and modernizing infrastructure through cloud-native architectures and resilient DevSecOps strategies. Davis underscores the urgency of maintaining high performance and regulatory compliance amid growing transaction volumes, rising CVEs and evolving AI technologies.
Davis dives into real-world tactics for securing software supply chains using JFrog's integration with AWS solutions such as Security Hub, Outposts and PrivateLink. He emphasizes the importance of real-time visibility, traceability and hybrid cloud flexibility in reducing risk without slowing innovation. The conversation also touches on the central role of a secure ML artifact repository when deploying gen AI and agentic AI in high-stakes financial environments.
The interview doesn't shy away from hard questions: how do you govern AI-generated code, prevent shadow ML and future-proof against the next wave of vulnerabilities? Davis shares candid insights on crafting an effective MLSecOps program, building secure workflows with Amazon SageMaker and using automation to stay ahead of compliance demands. It’s a must-watch for leaders looking to blend speed, security and scale in today’s financial tech landscape.
Find more SiliconANGLE news and analysis https://siliconangle.com/
Follow theCUBE's wall-to-wall event coverage https://siliconangle.com/events/
Learn about the latest theCUBE events https://www.thecube.net/
00:00 - Intro
00:06 - Foundations and Challenges of Software Supply Chain Security
03:03 - Streamlining Software Development: Addressing Integration and Security in Lifecycle Management
05:14 - Integrating Cloud and Developer Security: Roles of AWS and JFrog
08:48 - Advanced Security: Integrating AI and Cloud Solutions
11:48 - AI Security and Integration with Hugging Face
14:41 - Strategic Governance and Collaborative Strategies in AI
22:37 - Regulation and Reflections: Securing AI's Future
