Speaker

Adhithya Rajasekaran

AI Product Manager | AI Ethics & Governance | Cybersecurity | github.com/adhit-r

Chennai, India

Adhithya Rajasekaran is an AI Product Manager with 12+ years spanning cybersecurity R&D, AI governance, and product development. He has led privacy impact assessments, threat modelling, and compliance programmes at Comcast and Verizon, and currently works on AI governance and vulnerability management. He builds open-source security tooling and researches LLM behavioural alignment and context-aware scanning. Speaker at ISACA and ISC2 on AI security and continuous compliance.

Area of Expertise

  • Information & Communications Technology
  • Law & Regulation

Scan, Learn, Prevent: Cross-Agent Security Policy Generation from Automated Vulnerability Detection

AI coding agents repeat the same security mistakes across sessions — XSS, hardcoded secrets, hallucinated packages — because each session starts fresh. Instruction files like CLAUDE.md and .cursorrules were meant to fix this, but today they're written by hand and never updated.

We built a closed-loop system where eight security scanners detect vulnerabilities in AI-generated code, classify them by CWE, and convert them into deterministic template-driven rules. No LLM in the rule generation step — rules are auditable and reproducible. They get injected into CLAUDE.md, .cursorrules, and copilot-instructions.md through a draft PR so humans stay in the loop.

A security lesson learned by one agent now transfers to every agent on the project — Claude, Cursor, Copilot, Goose — with zero fine-tuning.

This talk covers:
- The scanner-to-instruction-file pipeline
- Why deterministic templates beat LLM-generated rules
- Cross-agent knowledge transfer from a single vulnerability
- Which rule phrasings actually change model behavior and which get ignored
- Instruction poisoning as a new attack surface and how to mitigate it

Read the Room, Not the Files: MCP Filesystem Intelligence for Privacy-Respecting Compliance Scanning

Enterprise compliance tools face a paradox: to find sensitive data, they scan everything, exposing the very data they exist to protect. I built a system that resolves this using MCP filesystem access.

The architecture works in three phases. Claude Sonnet connects via the Filesystem MCP server and analyzes directory structures, naming conventions, and metadata to infer system purpose, without reading file contents. It then generates risk scores and isolates the 1-5% of files that warrant inspection. Only those files undergo content scanning with contextual validation.

On a real codebase of 7,355 files, the system scanned 6 (0.08%), flagged one PCI violation, routed two for review, and cleared three, in under 30 seconds.

This talk covers the integration patterns, what filesystem metadata reveals about compliance risk, how contextual validation eliminates false positives, and why the architecture supports local LLM deployment. I will share results from three machines, failure modes, and lessons learned.
