NOMINATION HIGHLIGHTS

Devi Prasad Guda is a certified CSSLP cybersecurity leader driving transformative change in enterprise security through DevSecOps innovation, automation, and thought leadership. As a Senior Application Security Engineer at American Family Insurance, he architected the Enterprise Application Security Platform that secures over 5000 applications ,including integrations with Costco’s insurance platform and AmFam.com, serving millions of users daily.

His automation-first approach embedded SAST, DAST, SCA, Secrets , Container scanning and IAST directly into CI/CD pipelines, ensuring security-by-default across development teams. He authored enterprise-wide secure coding standards now followed by over 1,000 developers .His leadership during the October 2023 cyberattack was instrumental in real-time threat containment and post-incident control hardening.

Devi’s API security framework led to a 80% reduction in the attack surface, and his dynamic testing and risk reviews for mobile, web, and cloud-native applications helped the organization maintain regulatory compliance while preventing multimillion-dollar breach costs. He also played a key role in M&A security integrations, ensuring safe transitions for acquired platforms like Ameriprise and Homesite.

Before AmFam, Devi served as an AppSec consultant for ExxonMobil, where he operationalized secure SDLC programs across environmental and operational safety platforms. He configured tools like Checkmarx and AppScan, led vulnerability triage, and strengthened security governance, reducing production vulnerabilities by over 90% and enabling global-scale security resilience.

In addition to hands-on engineering excellence, Devi is an active cybersecurity researcher, having authored 7+ peer-reviewed papers on topics including cloud security, AI-based threat detection, API hardening, and secure SDLC methodologies published in IEEE and other reputed journals.His publications include Self-Supervised Representation Learning for Zero-Day Attack Detection in Encrypted Network Traffic, Graph Neural Networks for Dynamic Malware Behaviour Analysis and Classification in Advanced Persistent Threats (APT), Lightweight Data-Driven Machine Learning-Based Secure Intrusion Detection Systems on Cyber-Attacks, Efficient Deep Learning Approaches for Zero-Day Attack Detection and Classification via Network Traffic for Cybersecurity, Cybersecurity for Industrial Control Systems (ICS) and Operational Technology (OT) Environments, and Foundations of Cybersecurity and Digital Defence. These works demonstrate his deep commitment to advancing the cybersecurity field through both innovation and scholarship.