Sumir Arora
Senior Solutions Architect
Sumir Arora is a Senior Solution Architect with 15+ years across cloud, integration, and platform engineering. His recent work sits at the intersection of platform engineering and AI—building agentic systems that bring autonomy to operational workflows like change management, troubleshooting, and API testing.
He designs for the hard part: letting automation scale without losing control. That means governance, guardrails, policy-as-code, and clear architectural boundaries—the things that make autonomous systems safe to run in production.
Presentations
The hard part of AI in the cloud isn't scaling anymore—it's governing agents that act on your infrastructure on their own.
Autoscaling and workload optimization are no longer the challenge. They're commoditized—built into the cloud platforms and AIOps tools you already use. The real shift begins when AI stops recommending and starts acting: agents that provision, deploy, and change your infrastructure on their own.
This session focuses on the part most teams underbuild—trust boundaries, blast radius, and policy-as-code that keeps an agent inside its guardrails. The principle worth holding onto: agents earn autonomy, they don't start with it. You'll leave with a clear approach for building AI systems that scale without handing over control you can't take back.
Cloud and Kubernetes environments get complicated less because the tools are bad and more because every team wires them differently—config drift, snowflake clusters, manual handoffs, and pipelines nobody fully trusts. This session shows how a Git-driven model cuts that overhead: one source of truth, automated provisioning, and delivery you can actually reason about.
You'll leave with a practical approach for reducing operational overhead—not just moving it somewhere else. The throughline: when provisioning, configuration, and delivery all run from Git, the operational surface you have to manage by hand shrinks.
API security goes beyond protecting endpoints—it requires defense across infrastructure, data, and business logic. In this talk, I’ll present a structured approach to implementing Zero Trust security for APIs in a cloud-native architecture.
We’ll cover how to establish a strong foundation across layers—using mTLS, OAuth2/JWT, policy-as-code (OPA), GitOps for deployment integrity, and cloud-native secrets management. The session addresses real-world threats like misconfigurations, privilege escalation, and API abuse, and shows how to mitigate them with layered controls in Kubernetes-based environments on Azure and AWS.
Attendees will walk away with actionable practices to secure their API ecosystem end-to-end— without slowing development teams down.