Sumir Arora

Senior Solutions Architect

Sumir Arora

Sumir Arora is a Senior Solution Architect with 15+ years across cloud, integration, and platform engineering. His recent work sits at the intersection of platform engineering and AI—building agentic systems that bring autonomy to operational workflows like change management, troubleshooting, and API testing.
He designs for the hard part: letting automation scale without losing control. That means governance, guardrails, policy-as-code, and clear architectural boundaries—the things that make autonomous systems safe to run in production.

Presentations

Secure by Design – Building Zero-Trust API Architectures in the Cloud

Monday, 3:15 PM EST

API security goes beyond protecting endpoints—it requires defense across infrastructure, data, and business logic. In this talk, I’ll present a structured approach to implementing Zero Trust security for APIs in a cloud-native architecture.

We’ll cover how to establish a strong foundation across layers—using mTLS, OAuth2/JWT, policy-as-code (OPA), GitOps for deployment integrity, and cloud-native secrets management. The session addresses real-world threats like misconfigurations, privilege escalation, and API abuse, and shows how to mitigate them with layered controls in Kubernetes-based environments on Azure and AWS.

Attendees will walk away with actionable practices to secure their API ecosystem end-to-end— without slowing development teams down.

Breaking the Silo – Scalable API Governance and Platform Automation with GitOps

Wednesday, 11:00 AM EST

In this session, I’ll walk through how we helped a large enterprise address fragmented API
practices and inconsistent governance by building a platform-first approach to API delivery.

Teams were deploying microservices independently on Azure Kubernetes Service (AKS) with no consistent routing, security, or visibility. We implemented a GitOps-powered framework that allowed teams to integrate a lightweight, Kubernetes-native gateway with their services, while inheriting organizational standards like rate limiting, JWT auth, routing consistency, and metadata tagging—without any manual ticketing or bottlenecks.
The platform approach enabled decentralized development with centralized governance,
accelerating service onboarding while ensuring every API remains secure, discoverable, and compliant by design.