Cloud applications in healthcare and finance must comply with stringent regulations such as HIPAA, PCI-DSS, and SOC 2. Traditional DevSecOps pipelines rely on manual policy checks and static scanners, which often fail to detect emerging vulnerabilities and compliance drift in real time. This paper introduces an AI-augmented DevSecOps toolchain that embeds autonomous agents throughout the CI/CD workflow to dynamically enforce regulatory controls. The proposed system integrates static code analysis, container scanning, and infrastructure-as-code validation with machine learning models trained to recognize non-compliant patterns in code and configuration. The architecture supports continuous compliance enforcement, reduces manual overhead, and improves audit readiness across regulated cloud environments. This paper delves into the design and implementation of this framework, highlighting its applicability to healthcare and financial workloads.
Sai Nitesh Palamakula studied this question.