Devashri Datta

Professional Summary 

Devashri is a security researcher and enterprise security engineer specializing in DevSecOps automation, software supply chain security, and governance of large-scale vulnerability and compliance systems. AI-assisted security exception management, SBOM-based risk analysis, AI-assisted Threat Modeling. 

Her work focuses on bridging operational security gaps between engineering velocity and regulatory compliance requirements in frameworks such as SOC 2, ISO 27001, and FedRAMP. Research contributions include structured approaches to Third Party Notices (TPN) analysis, SBOM lifecycle interpretation, and AI-assisted automated exception governance models integrating risk scoring and policy enforcement. 

Qualifications Summary 

• Software Supply Chain Security (SBOM, SCA, VEX, dependency governance) 
• DevSecOps automation and policy-as-code systems 
• Vulnerability management lifecycle design 
• Security exception governance and SLA enforcement models 
• Compliance frameworks: SOC 2, ISO 27001, FedRAMP 
• Risk scoring and vulnerability prioritization models 
• Security data modeling and large-scale compliance analysis