BEGIN:VCALENDAR VERSION:2.0 PRODID:IEEE vTools.Events//EN CALSCALE:GREGORIAN BEGIN:VTIMEZONE TZID:America/New_York BEGIN:DAYLIGHT DTSTART:20260308T030000 TZOFFSETFROM:-0500 TZOFFSETTO:-0400 RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3 TZNAME:EDT END:DAYLIGHT BEGIN:STANDARD DTSTART:20261101T010000 TZOFFSETFROM:-0400 TZOFFSETTO:-0500 RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11 TZNAME:EST END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTAMP:20260419T200237Z UID:69343633-2E26-4648-B8D8-32034EA0EAE9 DTSTART;TZID=America/New_York:20260901T180000 DTEND;TZID=America/New_York:20260901T200000 DESCRIPTION:Technical Presentation and Dinner presented by the IEEE Susqueh anna Section\nIn highly regulated industries\, the "busy work" of security patching often lags due to strict data privacy requirements that prevent the use of cloud-based AI. This session demonstrates how to bridge that ga p by building a privacy-first DevSecOps agent that operates entirely withi n your own firewall.\n\nWe will explore an architecture that leverages Lla ma 3.1 via Ollama and the Model Context Protocol (MCP) to create a structu red OODA loop (Observe\, Orient\, Decide\, Act). By connecting Trivy for v ulnerability scanning directly to GitHub for automated remediation\, we sh ow how an agent can autonomously draft patches while maintaining a strict Human-in-the-Loop (HITL) framework for final verification.\n\nKey Takeaway s:\n- Local-First Architecture: How to run a CPU-friendly\, production-rea dy AI agent on standard cloud instances or local hardware.\n- Tool Orchest ration: Using MCP to bridge the gap between security scanners and version control systems.\n- Correctness & Safety: Implementing HITL checkpoints to ensure AI-generated patches are reviewed for correctness before deploymen t.\n\nFood and drink will be provided free of charge to attendees.\n\nCo-s ponsored by: Penn State Harrisburg School of Science\, Engineering\, and T echnology\, Electrical Engineering Department\n\nSpeaker(s): Pathmanaban P alsamy\, \n\nAgenda: \nDinner: 6:00 - 7:00 PM\n\nTechnical Presentation: 7 :00 - 8:00 PM\n\nWrap-Up: 8:00 - 8:15 PM\n\nRoom: 101 (Morrison Gallery)\, Bldg: Madlyn L Hanes Library (Building D)\, Penn State Harrisburg\, 777 W est Harrisburg Pike\, Harrisburg\, Pennsylvania\, United States\, 17507\, Virtual: https://events.vtools.ieee.org/m/541535 LOCATION:Room: 101 (Morrison Gallery)\, Bldg: Madlyn L Hanes Library (Build ing D)\, Penn State Harrisburg\, 777 West Harrisburg Pike\, Harrisburg\, P ennsylvania\, United States\, 17507\, Virtual: https://events.vtools.ieee. org/m/541535 ORGANIZER:jack.burbank@ieee.org SEQUENCE:5 SUMMARY:Privacy-First DevSecOps: Automating Vulnerability Remediation with Local AI Agents URL;VALUE=URI:https://events.vtools.ieee.org/m/541535 X-ALT-DESC:Description: <br /><p>Technical Presentation and Dinner presente d by the IEEE Susquehanna Section</p>\n<div>In highly regulated industries \, the "busy work" of security patching often lags due to strict data priv acy requirements that prevent the use of cloud-based AI. This session demo nstrates how to bridge that gap by building a privacy-first DevSecOps agen t that operates entirely within your own firewall.</div>\n<div>&nbsp\;</di v>\n<div>We will explore an architecture that leverages Llama 3.1 via Olla ma and the Model Context Protocol (MCP) to create a structured OODA loop ( Observe\, Orient\, Decide\, Act). By connecting Trivy for vulnerability sc anning directly to GitHub for automated remediation\, we show how an agent can autonomously draft patches while maintaining a strict Human-in-the-Lo op (HITL) framework for final verification.</div>\n<div>&nbsp\;</div>\n<di v>\n<div><strong>Key Takeaways:</strong></div>\n<div>- Local-First Archite cture: How to run a CPU-friendly\, production-ready AI agent on standard c loud instances or local hardware.</div>\n<div>- Tool Orchestration: Using MCP to bridge the gap between security scanners and version control system s.</div>\n<div>- Correctness &amp\; Safety: Implementing HITL checkpoints to ensure AI-generated patches are reviewed for correctness before deploym ent.</div>\n<div>&nbsp\;</div>\n<div>Food and drink will be provided free of charge to attendees.</div>\n</div><br /><br />Agenda: <br /><p>Dinner: 6:00 - 7:00 PM&nbsp\;</p>\n<p>Technical Presentation: 7:00 - 8:00 PM</p>\n <p>Wrap-Up: 8:00 - 8:15 PM</p> END:VEVENT END:VCALENDAR