khirawdhi/README.md

Hi, I'm Khirawdhi Ray 👋

I design secure-by-design architectures for cloud-native, AI-driven, and distributed systems.

Focused on:

  • Security Architecture
  • Threat Modeling
  • AI / LLM Security
  • Service-to-Service Trust
  • Software Supply Chain Security

Secured 60+ cloud-native and distributed systems through architecture reviews, attack path analysis, and threat modeling.

Built an ML-assisted DAST validation system reducing false positives by 80%.


What I Work On

  • Trust boundaries and attack paths in distributed systems
  • AI inference security (RAG, agents, tool execution)
  • Identity-first architecture and workload trust
  • Secure service-to-service communication (OAuth, mTLS)
  • CI/CD and software supply chain security

Core belief:

Security failures happen at trust boundaries, not components.


Flagship Projects

Secure Inference Architecture Blueprint

🔗 https://github.com/khirawdhi/secure-inference-architecture-blueprint

Practical security architecture blueprint for AI inference systems.

Covers:

  • Prompt injection
  • Retrieval poisoning
  • Tool abuse
  • Data leakage
  • Trust boundaries across inference pipelines

Core idea:

AI security is not a model problem.
It is an inference architecture problem.


Zero-to-Hero Threat Modeling Playbook

🔗 https://github.com/khirawdhi/zero-to-hero-threat-model

Practical playbook for threat modeling modern distributed systems.

Covers:

  • DFD + STRIDE
  • Attack path analysis
  • AI systems
  • OAuth vs mTLS
  • CI/CD and supply chain risks

Technical Foundations

Cloud: AWS, Azure, GCP
Security: Threat Modeling, Security Architecture, Identity & Access Design
DevSecOps: CI/CD Security, Container Security, Supply Chain Security
Language: Python


Writing & Research

I write about:

  • Threat Modeling as Architecture
  • AI / LLM Security
  • Distributed System Trust Models
  • Secure-by-Design Systems

Connect

Pinned

  1. Secure-Inference-Architecture-Blueprint (Public)

    A practical security architecture blueprint for designing secure AI inference pipelines, covering trust boundaries, RAG security, tool execution risks, threat modeling, and runtime controls.

  2. zero-to-hero-threat-model (Public)

    Threat modeling playbook for cloud-native, AI (RAG, agents), and A2A systems with STRIDE, risk models, controls, and test plans.

    15 5

  3. Lab-rag-poison (Public)

    Python

  4. linvulnscan (Public)

    LinVulnScan is an open-source tool for automating vulnerability scanning and security auditing on Linux systems.

    Python 2