BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//fwd-cloudsec-2026//speaker//AVXJVY
BEGIN:VTIMEZONE
TZID:PST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-fwd-cloudsec-2026-RDXF3X@pretalx.com
DTSTART;TZID=PST:20260601T154000
DTEND;TZID=PST:20260601T160000
DESCRIPTION:## Track\nCentaur Track (20-minute Lightning Talk)\n\n---\n\nAI
  coding assistants now generate the majority of infrastructure code in man
 y organizations. Traditional paved road strategies—approved Terraform mo
 dules\, policy-as-code gates\, security training—targeted developer cogn
 ition. But in agentic workflows\, the developer provides intent while the 
 model does the reasoning. The thinker changed.\n\nThis creates an opportun
 ity: the model's context window is programmable in ways developer brains n
 ever were. By constraining what tools an agent can call and what informati
 on shapes its reasoning\, organizations can embed security guardrails dire
 ctly into the system doing the thinking.\n\nThis talk introduces a referen
 ce architecture using Model Context Protocol (MCP) to make AI agents work 
 *through* paved roads rather than around them. The MCP server exposes appr
 oved Terraform modules from an internal registry\, enforces OPA policies w
 ith structured output designed for agent consumption (severity\, remediati
 on hints\, auto-fix eligibility)\, and implements risk-scored exception ha
 ndling that routes low-risk deviations to audit logs while escalating high
 -risk requests to humans.\n\nIn a live demo\, a natural language infrastru
 cture request will flow through the full pipeline: module retrieval → Te
 rraform generation → policy check → auto-remediation of fixable violat
 ions → risk scoring → exception request with Linear ticket creation 
 → compliant PR with reasoning trace. The demo will show policy violation
 s detected and resolved in seconds with zero human intervention for routin
 e issues.
DTSTAMP:20260502T113343Z
LOCATION:Room 2
SUMMARY:Agentic Paved Roads: Shifting Security Left to the Machine That Thi
 nks - Prahathess Rengasamy
URL:https://pretalx.com/fwd-cloudsec-2026/talk/RDXF3X/
END:VEVENT
END:VCALENDAR