Cybersecurity Risk Modeling in CI/CD Pipelines Using Reinforcement Learning for Test Optimization


Authors : Gopinath Kathiresan

Volume/Issue : Volume 10 - 2025, Issue 5 - May


Google Scholar : https://tinyurl.com/46ww6va3

Scribd : https://tinyurl.com/4ey2s86n

DOI : https://doi.org/10.38124/ijisrt/25may339



Abstract : Incremental software development and deployment gave rise to Continuous Integration and Continuous Deployment (CI/CD) practices, which have completely changed how modern applications are built, tested, and released. The same fast-delivery strategy has also widened the exposure to cyber threats, making CI/CD pipelines highly sought-after attack targets. Traditional static security models frequently fail to keep pace with the dynamic nature of CI/CD workflows, allowing undetected vulnerabilities to persist and prolonging remediation. This study proposes using reinforcement learning (RL) to optimize cybersecurity risk modeling and testing in CI/CD pipelines. The system combines real-time threat intelligence with dynamic test selection techniques to maximize vulnerability detection while allocating as few resources as possible. RL agents are trained to always run severe test scenarios first so that they adapt better to changing attacks and codebase dynamics. Empirical results show improved detection rates, shorter test time, and better risk visibility at all stages of the pipeline, marking a major step toward intelligent and adaptive DevOps security practices.

Keywords : Reinforcement Learning, CI/CD Pipeline, Cybersecurity Risk, Test Optimization, DevSecOps, Threat Modeling, Security Automation, Secure Software Deployment.
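
One way the test-prioritization idea in the abstract can be realized, as an added example that is not code from the paper: a tabular value learner that ranks security tests by learned severity found per second and fills a per-build time budget in that order. The abstract does not specify the algorithm, state or reward, so the contextual-bandit formulation, the optimistic initial values, the test names, costs, yields and budget are all assumptions constructed for illustration.

```python
# Added illustration; every name, cost and yield below is constructed, not from the paper.
COST = {"sast": 60, "secret_scan": 20, "dep_audit": 40, "dast": 100, "container_scan": 90}  # seconds
# Severity-weighted findings a test surfaces for a given kind of change (0 if absent).
YIELD = {("deps", "dep_audit"): 9.0, ("deps", "container_scan"): 4.0,
         ("auth", "sast"): 7.0, ("auth", "dast"): 8.0,
         ("infra", "secret_scan"): 6.0, ("infra", "container_scan"): 5.0}
CHANGES = ("deps", "auth", "infra")
BUDGET = 100  # seconds of security testing allowed per build


def pick(order, budget=BUDGET):
    """Walk tests in priority order, keeping each one that still fits the budget."""
    chosen, left = [], budget
    for test in order:
        if COST[test] <= left:
            chosen.append(test)
            left -= COST[test]
    return chosen


def detected(change, tests):
    """Total severity score surfaced by running `tests` on a build of type `change`."""
    return sum(YIELD.get((change, t), 0.0) for t in tests)


class Prioritizer:
    """Tabular learner: q[(change, test)] estimates severity found per second."""

    def __init__(self, alpha=0.5, optimistic=1.0):
        self.alpha = alpha
        # Optimistic start (above any real yield rate) forces every test to be tried.
        self.q = {(c, t): optimistic for c in CHANGES for t in COST}

    def plan(self, change):
        ranked = sorted(COST, key=lambda t: self.q[(change, t)], reverse=True)
        return pick(ranked)

    def observe(self, change, test):
        reward = YIELD.get((change, test), 0.0) / COST[test]
        self.q[(change, test)] += self.alpha * (reward - self.q[(change, test)])

    def train(self, rounds=50):
        for _ in range(rounds):
            for change in CHANGES:
                for test in self.plan(change):
                    self.observe(change, test)
        return self


if __name__ == "__main__":
    agent, static = Prioritizer().train(), pick(list(COST))  # static: one fixed order
    for change in CHANGES:
        print(change, agent.plan(change), detected(change, agent.plan(change)),
              "static:", detected(change, static))
```

With the constructed data, the fixed order spends the whole budget before reaching the dependency audit, so a dependency change goes untested where the learned ranking runs that audit first.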


