Pujita Sahni
Pujita Sahni is a Delivery Consultant specializing in cloud security, risk, and compliance at AWS. In her role, she is responsible for architecting IAM governance frameworks and security automation solutions that enable organizations to implement secure cloud migrations and shift security left within enterprise environments.
She brings a broad technical background across identity and access management, vulnerability management, infrastructure-as-code security, and DevSecOps practices, providing a comprehensive view of how security platforms are built, automated, and maintained across enterprise cloud environments.
Session
Security vulnerabilities are expensive to fix in production but cheap to catch early. ASH (Automated Security Helper) is a free, open-source security orchestration engine that integrates multiple scanning tools—SAST, SCA, IaC, and secrets detection—into a single, unified workflow. In this session, you'll discover how ASH leverages lightweight tools like Bandit, Semgrep, Checkov, and Grype, presenting them as a single unified solution, to identify security issues across Python, JavaScript, Terraform, CloudFormation, and more. We'll explore two of ASH's execution modes (local, container), its new Python-based architecture with UV package management, and how to use it to scan files, directories, or entire projects. Whether you're a developer, DevOps engineer, or security professional, you'll leave with practical knowledge to implement automated security scanning in your projects today.