AI-Driven Security and Inventory Optimization: Automating Vulnerability Management and Demand Forecasting in CI/CD-Powered Retail Systems
DOI:
https://doi.org/10.22399/ijcesen.3855Keywords:
Vulnerability Management, CI/CD Pipelines, Demand Forecasting, Inventory Optimization, Artificial Intelligence (AI)Abstract
The work focuses on examining how artificial intelligence (AI) can be applied to solve two of these key issues in contemporary retail concurrently, that is, vulnerability management automation in continuous integration/ continuous delivery (CI/CD) pipelines and inventory optimization based on demand forecasting. Retail organisations have been turning more and more to CI/CD to facilitate fast delivery of features and security upgrades. The acceleration causes an expanded attack surface, making vulnerability management harder. Meanwhile, considering the demand error forecasting causes expensive stockouts or excessive stock. The study uses a dual-framework approach, which utilizes heterogeneous datasets such as point-of-sale (POS) transactions, enterprise resource planning (ERP) data, and vulnerability feeds that comprise the National Vulnerability Database (NVD) and Common Vulnerabilities and Exposures (CVE). Sophisticated models that include Random Forests, Support Vector Machine, and Long Short-Term Memory (LSTM) are used to predict and classify vulnerabilities and enhance demand forecasts beyond those of conventional statistical models. The experimental validation proves the ability of AI-driven triaging to decrease the patching delays and the mean time to remediation (MTTR), and of deep learning to increase the accuracy of the forecasting, leading to increased inventory availability. Future directions identified in the study include reinforcement learning to schedule patches to allow adjustable scheduling, edge AI and IoT-driven real-time forecasting to allow a just-in-time replenishment, and immutable logging via blockchain to enable secure vulnerability management and supply chain traceability. All findings together prove the idea that AI can support the resilience of cybersecurity, as well as effectiveness in CI/CD-driven retailing ecosystems.
References
[1] Aguilar, A. (2023). Lowering Mean Time to Recovery (MTTR) in Responding to System Downtime or Outages: An Application of Lean Six Sigma Methodology. In 13th Annual International Conference on Industrial Engineering and Operations Management.
[2] Alawadhi, A. (2023). Earnings expectations and accrual anomalies: reassessing stock market behaviours in the time of COVID-19. International Journal of Financial Markets and Derivatives, 9(4), 231-249.
[3] Ang, J., Chien, A. A., Hammond, S. D., Hoisie, A., Karlin, I., Pakin, S., ... & Vetter, J. S. (2022). Reimagining codesign for advanced scientific computing: Report for the ascr workshop on reimagining codesign. USDOE Office of Science (SC)(United States).
[4] Badgujar, P. (2023). Securing Customer Data And Best Practices for Retail Point-of-Sale Systems. Journal of Technological Innovations, 4(4).
[5] Briseño-Oliveros, H., Guzmán-García, L. A., Cano-Olivos, P., & Sánchez-Partida, D. (2019). Forecasting demand improvement for replenishment in a retail painting company. Acta logistica, 6(4), 155-164.
[6] Chavan, A. (2023). Managing scalability and cost in microservices architecture: Balancing infinite scalability with financial constraints. Journal of Artificial Intelligence & Cloud Computing, 2, E264. http://doi.org/10.47363/JAICC/2023(2)E264
[7] Cong, L. W., Li, B., & Zhang, Q. T. (2021). Internet of Things: Business Economics and Applications. Review of business, 41(1).
[8] Dargan, S., Kumar, M., Ayyagari, M. R., & Kumar, G. (2020). A survey of deep learning and its applications: a new paradigm to machine learning. Archives of computational methods in engineering, 27(4), 1071-1092.
[9] Dhanagari, M. R. (2024). Scaling with MongoDB: Solutions for handling big data in real-time. Journal of Computer Science and Technology Studies, 6(5), 246-264. https://doi.org/10.32996/jcsts.2024.6.5.20
[10] Fabuyi, J. A. (2024). Leveraging Synthetic Data as a Tool to Combat Bias in Artificial Intelligence (AI) Model Training. Journal of Engineering Research and Reports, 26(12), 24-46.
[11] Fadlalla, F. F., & Elshoush, H. T. (2023). Input validation vulnerabilities in web applications: Systematic review, classification, and analysis of the current state-of-the-art. IEEE Access, 11, 40128-40161.
[12] Goyal, A. (2024). Optimising cloud-based CI/CD pipelines: Techniques for rapid software deployment. Int J Eng Res, 11(11), 896-904.
[13] Hance, J., Milbrath, J., Ross, N., & Straub, J. (2022). Distributed attack deployment capability for modern automated penetration testing. Computers, 11(3), 33.
[14] Hofman, J. M., Watts, D. J., Athey, S., Garip, F., Griffiths, T. L., Kleinberg, J., ... & Yarkoni, T. (2021). Integrating explanation and prediction in computational social science. Nature, 595(7866), 181-188.
[15] Hughes, C., & Robinson, N. (2024). Effective vulnerability management: managing risk in the vulnerable digital ecosystem. John Wiley & Sons.
[16] Karwa, K. (2023). AI-powered career coaching: Evaluating feedback tools for design students. Indian Journal of Economics & Business. https://www.ashwinanokha.com/ijeb-v22-4-2023.php
[17] Karwa, K. (2024). The role of AI in enhancing career advising and professional development in design education: Exploring AI-driven tools and platforms that personalize career advice for students in industrial and product design. International Journal of Advanced Research in Engineering, Science, and Management. https://www.ijaresm.com/uploaded_files/document_file/Kushal_KarwadmKk.pdf
[18] Kilimci, Z. H., Akyuz, A. O., Uysal, M., Akyokus, S., Uysal, M. O., Atak Bulbul, B., & Ekmis, M. A. (2019). An improved demand forecasting model using deep learning approach and proposed decision integration strategy for supply chain. Complexity, 2019(1), 9067367.
[19] Konneru, N. M. K. (2021). Integrating security into CI/CD pipelines: A DevSecOps approach with SAST, DAST, and SCA tools. International Journal of Science and Research Archive. Retrieved from https://ijsra.net/content/role-notification-scheduling-improving-patient
[20] Kumar, A. (2019). The convergence of predictive analytics in driving business intelligence and enhancing DevOps efficiency. International Journal of Computational Engineering and Management, 6(6), 118-142. Retrieved from https://ijcem.in/wp-content/uploads/THE-CONVERGENCE-OF-PREDICTIVE-ANALYTICS-IN-DRIVING-BUSINESS-INTELLIGENCE-AND-ENHANCING-DEVOPS-EFFICIENCY.pdf
[21] Lima, S., Gonçalves, A. M., & Costa, M. (2024). Predictive accuracy of time series models applied to economic data: the European countries retail trade. Journal of Applied Statistics, 51(9), 1818-1841.
[22] Makani, S. T., & Jangampeta, S. (2022). The evolution of CICD tools in DevOps from Jenkins to GitHub Actions. Int J Comput Eng Technol, 13(02), 166-174.
[23] Mangla, M. (2023). Securing CI/CD Pipeline: Automating the detection of misconfigurations and integrating security tools (Doctoral dissertation, Dublin, National College of Ireland).
[24] Nyati, S. (2018). Revolutionizing LTL carrier operations: A comprehensive analysis of an algorithm-driven pickup and delivery dispatching solution. International Journal of Science and Research (IJSR), 7(2), 1659-1666. Retrieved from https://www.ijsr.net/getabstract.php?paperid=SR24203183637
[25] Punia, S., Nikolopoulos, K., Singh, S. P., Madaan, J. K., & Litsiou, K. (2020). Deep learning with long short-term memory networks and random forests for demand forecasting in multi-channel retail. International journal of production research, 58(16), 4964-4979.
[26] Raj, P., Vanga, S., & Chaudhary, A. (2022). Cloud-Native Computing: How to design, develop, and secure microservices and event-driven applications. John Wiley & Sons.
[27] Raju, R. K. (2017). Dynamic memory inference network for natural language inference. International Journal of Science and Research, 6(2). https://www.ijsr.net/archive/v6i2/SR24926091431.pdf
[28] Ramos, P., Oliveira, J. M., Kourentzes, N., & Fildes, R. (2022). Forecasting seasonal sales with many drivers: Shrinkage or dimensionality reduction?. Applied System Innovation, 6(1), 3.
[29] Roumani, Y. (2021). Patching zero-day vulnerabilities: an empirical analysis. Journal of Cybersecurity, 7(1), tyab023.
[30] Saleh, S. M., Sayem, I. M., Madhavji, N., & Steinbacher, J. (2024, November). Advancing software security and reliability in cloud platforms through AI-based anomaly detection. In Proceedings of the 2024 on Cloud Computing Security Workshop (pp. 43-52).
[31] Salem, F. M. (2021). Gated RNN: the gated recurrent unit (GRU) RNN. In Recurrent neural networks: from simple to gated architectures (pp. 85-100). Cham: Springer International Publishing.
[32] Sardana, J. (2022). The role of notification scheduling in improving patient outcomes. International Journal of Science and Research Archive. Retrieved from https://ijsra.net/content/role-notification-scheduling-improving-patient
[33] Sarrafpour, B. A. S., Choque, R. D. P. S., Paul, B. M., & Mehdipour, F. (2019, August). Commercial security scanning: Point-on-Sale (POS) vulnerability and mitigation techniques. In 2019 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech) (pp. 493-498). IEEE.
[34] Seyedan, M., & Mafakheri, F. (2020). Predictive big data analytics for supply chain demand forecasting: methods, applications, and research opportunities. Journal of Big Data, 7(1), 53.
[35] Singh, V. (2021). Generative AI in medical diagnostics: Utilizing generative models to create synthetic medical data for training diagnostic algorithms. International Journal of Computer Engineering and Medical Technologies. https://ijcem.in/wp-content/uploads/GENERATIVE-AI-IN-MEDICAL-DIAGNOSTICS-UTILIZING-GENERATIVE-MODELS-TO-CREATE-SYNTHETIC-MEDICAL-DATA-FOR-TRAINING-DIAGNOSTIC-ALGORITHMS.pdf
[36] SOLANKE, A. A. (2022). Enterprise DevSecOps: Integrating security into CI/CD pipelines for regulated industries.
[37] Treveil, M., Omont, N., Stenac, C., Lefevre, K., Phan, D., Zentici, J., ... & Heidmann, L. (2020). Introducing MLOps. O'Reilly Media.
[38] Winkelhaus, S., & Grosse, E. H. (2020). Logistics 4.0: a systematic review towards a new logistics system. International journal of production research, 58(1), 18-43.
[39] Zhou, K. Q. (2022). Zero-day vulnerabilities: Unveiling the threat landscape in network security. Mesopotamian Journal of CyberSecurity, 2022, 57-64.
[40] Renke, L., Piplani, R., & Toro, C. (2021). A review of dynamic scheduling: context, techniques and prospects. Implementing Industry 4.0: The Model Factory as the Key Enabler for the Future of Manufacturing, 229-258.
[41] Saleh, S. M., Madhavji, N., & Steinbacher, J. (2024, October). Blockchain for Securing CI/CD Pipeline: A Review on Tools, Frameworks, and Challenges. In 2024 7th Conference on Cloud and Internet of Things (CIoT) (pp. 1-5). IEEE.
[42] Malik, G., & Prashasti. (2023). Blockchain security: Security challenges and solutions for decentralized systems and cryptocurrencies. International Journal of Science and Research Archive, 9(2), 1074–1100. https://doi.org/10.30574/ijsra.2023.9.2.0515
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 International Journal of Computational and Experimental Science and Engineering
This work is licensed under a Creative Commons Attribution 4.0 International License.
