GENERATIVE AI FOR SECURE RELEASE ENGINEERING IN GLOBAL PAYMENT NETWORK
DOI:
https://doi.org/10.52152/4wcn5458Keywords:
Generative AI, secure DevOps, CI/CD, PCI DSS, threat modeling, data leakage, secrets management,Generative Artificial Intelligence (Generative AI),Secure Release Engineer- ing,Autonomous DevSecOps Pipelines,AIOps for Financial Sys- tems,Payment Network Security,Compliance-Aware CI/CD,AI- Augmented Software Assurance,Resilient FinTech Infrastruc- ture,Intelligent Risk Mitigation in Software Delivery,Trustworthy AI in Financial Services.Abstract
Generative AI offers great promise in secure release engineering for global payment networks but introduces major risks that must be managed. The fastest and safest way to embed release security into Generative AI-assisted development pro- cesses is through structured prompting that generates safe con- figurations, compliance-aware implementations, and AI-specific failure modes; constraints that enforce safe and secure code; and support for model integration within release pipelines that can be independently audited, automatically tested, and operationally assured. Generative AI-backed secret management, access con- trol, and secret rotation can enhance security but introduce fresh threats that need careful mitigation. Security should be baked into every AI-assisted release engineering process, not added as an afterthought. Examples from payments illustrate these issues, incorporating lessons learned from incidents involving Generative AI assistance.
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Lex localis - Journal of Local Self-Government
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
