Skip to content
View novaferrydianto's full-sized avatar
๐Ÿ’ญ
Infrastructure as Code
๐Ÿ’ญ
Infrastructure as Code

Block or report novaferrydianto

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please donโ€™t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this userโ€™s behavior. Learn more about reporting abuse.

Report abuse
novaferrydianto/README.md

๐Ÿ‘จโ€๐Ÿ’ป Nov4 F

Cloud Native | DevOps Engineer | SRE | Cloud Engineer | MLOps | DevSecOps | Cyber Security Enthusiast

I build self-healing infrastructure and "Agentic DevOps" workflows. My focus is shifting security left and automating everything between the code and the cloud.


๐Ÿ›ก๏ธ Core Specializations

  • DevOps: GitOps (ArgoCD), CI/CD Pipelines (GitHub Actions, GitLab CI, Jenkins), and Automation (Ansible).
  • Infrastructure: Terraform, Terragrunt, OpenTofu, Crossplane, and GCS/S3 Backends.
  • DevSecOps: Automated vulnerability triage (Gitleak, Semgrep, Aikido, StepSecurity, DefectDojo, Snyk, Falco), Wazuh Active Response, and Secure Container Runtime using Chainguard & Google Distroless.
  • Cloud Native: Multi-region GKE, AWS EKS, and Alibaba Cloud ACK.
  • Observability: Victoria Metrics, Vector, Loki, and Grafana (The LGV Stack).

๐Ÿš€ Featured Projects & Research

๐Ÿค– Agentic & Autonomous Infrastructure

Building the "Brain" for self-healing systems.

  • Agentic SRE & DevOps Framework: Architecting autonomous self-healing loops and LLM-powered root-cause analysis. Designed skills for agents to monitor GKE thresholds and trigger circuit breakers/auto-rollbacksโ€”reducing manual intervention.
  • Agentic DevSecOps Triage: Implementing autonomous vulnerability triage using AI to filter false positives and orchestrate real-time threat hunting with Wazuh and Falco integration.

๐Ÿ›ก๏ธ DevSecOps & Security Engineering

Production-grade pipelines and security research environments.

  • DevSecOps E2E Pipeline: A comprehensive, end-to-end Node.js CI/CD pipeline featuring integrated security gating, OIDC-based auth, and automated vulnerability scanning.
  • Vuln-Bank: A deliberately vulnerable security research environment. Used as a testbed for developing AI-integrated secure code review agents and testing WAF/IDS bypass scenarios.

๐Ÿ›  Tech Stack

๐Ÿ— Infrastructure & Multi-Cloud

GCP AWS Alibaba Cloud Terraform

โ˜ธ๏ธ Containerization, Orchestration & Secure Runtime

Kubernetes Docker Google Distroless Chainguard

๐Ÿ”„ CI/CD & Automation

GitHub Actions ArgoCD Ansible

๐Ÿ’ป Development & Scripting

Go Python Node.js


๐Ÿ“Š Vital Signs (Observability Dashboard)

GitHub Streak

๐Ÿ“ซ Let's secure the pipeline: LinkedIn

Pinned Loading

  1. terraform-ec2-jenkins-aws-k8s-infra terraform-ec2-jenkins-aws-k8s-infra Public

    Forked from asecurityguru/terraform-ec2-jenkins-aws-k8s-infra-creation

    HCL

  2. devsecops-k8s-demo devsecops-k8s-demo Public

    Java

  3. devsecops-with-github-actions-end-to-end-nodejs-project devsecops-with-github-actions-end-to-end-nodejs-project Public

    JavaScript 1

  4. private-aws-eks private-aws-eks Public

    HCL

  5. Build-a-Secure-AWS-EKS-CI-CD-Pipeline Build-a-Secure-AWS-EKS-CI-CD-Pipeline Public

    HCL

  6. vuln-bank vuln-bank Public

    A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure code reviews. Features common vulnerabilities found in real-worโ€ฆ

    Python 3