Shift-Left Data Protection: The Architect's Role in Embedding Agentic AI into DevSecOps
DOI:
https://doi.org/10.5281/zenodo.17853455
Keywords:
Agentic AI, DevSecOps, Shift-Left Security, Enterprise Architecture, Compliance Automation
Abstract
Data protection must commence during the design phase, rather than post-deployment, to solve the compliance debt crisis affecting today's software development organizations. This article redefines the role of the enterprise architect as a governance orchestrator who embeds Agentic AI inside DevSecOps pipelines to transform compliance from a development bottleneck into an automated assurance mechanism. The architectural model proposes three independent intelligence layers: Guardian Agents that perform both dynamic and static application security tests with intelligent remediation recommendations; Policy Advisors that test the organizational policy and adapt to changes in regulations; and Feedback Agents that gather production telemetry to feed back into the development-phase security controls. The article also describes an implementation plan that combines Azure DevOps and GitHub Actions to coordinate pipelines, Terraform to check infrastructure-as-code compliance, and Azure OpenAI to analyze semantic security findings. The empirical validation from the enterprise pilot demonstrates significant reductions in late-stage data protection issues, improved audit traceability, and reduced manual code review burdens. Consequently, the research establishes that architects need to design closed-loop feedback systems with codified guardrails, approval workflows, and automated rollback mechanisms to balance autonomous operation with human oversight. This article shows that successful shift-left data protection is based on architectural decisions that govern agent placement, inter-agent communication protocols, and lifecycle management, plus an organizational culture transformation toward collaborative security ownership.
License
Copyright (c) 2025 IPHO-Journal of Advance Research in Science And Engineering

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Author(s) and co-author(s) jointly and severally represent and warrant that the Article is original with the author(s) and does not infringe any copyright or violate any other right of any third parties and that the Article has not been published elsewhere. Author(s) agree to the terms that the IPHO Journal will have the full right to remove the published article on any misconduct found in the published article.
