Aman Priyanshu

AI Researcher (Security Foundation Models - Reasoning & Instruct)

Hi, I'm Aman!

I'm an AI Researcher at Foundation-AI (Cisco, formed through its acquisition of the startup Robust Intelligence) specializing in foundation models for security applications, particularly reasoning, long-horizon planning, and agentic systems. I've trained 8B-20B parameter models across multi-node GPU clusters (50+ GPUs). My research spans AI for security, AI security, privacy-preserving ML, and LLM safety, with work deployed in production models that have seen 300K+ downloads (in 2025 alone). My AI Safety work has been featured in SC Magazine, The Register, and other outlets, and led to invitations to OpenAI's Red Teaming Network and Anthropic's Model Safety Bug Bounty Program.

With a Master's in Privacy Engineering from Carnegie Mellon University, I've published at venues such as USENIX and AAAI. I worked with Professor Norman Sadeh on LLM security research and with Niloofar Mireshghallah on privacy-preserving ML. Currently, I build specialized RL environments for security domains, including custom CTF environments for automated penetration-testing curriculum training and vulnerability-detection frameworks for iterative code patch discovery.

News & Media Coverage

CSO Online

7 top cybersecurity projects for 2026

Cisco AI researcher Aman Priyanshu is developing autonomous vulnerability search agents using SLMs that mimic human analyst workflows through iterative investigation...

Cisco Blogs

Foundation-sec-8b: Cisco Foundation AI's First Open-Source Security Model

Cisco Foundation AI's first open-source security base model, trained by Aman Priyanshu & team.

SC Media

Meta's PromptGuard model bypassed by simple jailbreak, researchers say

Meta's Prompt-Guard is vulnerable to a simple exploit with a 99.8% success rate... AI Security Researcher Aman Priyanshu wrote in a blog post...

Cisco Blogs

Foundation-sec-8B-Instruct: An Out-of-the-Box Security Copilot

Release of the instruction-tuned Foundation-sec-8B, developed by Aman Priyanshu & team, enabling ready-to-use security assistance and analysis.

Communications of the ACM

Protecting LLMs from Jailbreaks

Priyanshu said the biggest risk is organizations assuming their jailbreaking defenses are 100% effective.

Cisco Blogs

Foundation-sec-8B-Reasoning: The First Open-weight Security Reasoning Model

The first open-weight security reasoning model, trained by Aman Priyanshu & team using custom RLVR environments.

Cisco & TILOS Faculty Talks

Reasoning Models: An Introduction to More Logical Models

Exploring reasoning models, their training, common pitfalls, and solutions as an AI Researcher @ Cisco.

VKTR

The AI Transparency Gap: What Users Don't Know Can Hurt You

...adopt privacy-preserving technologies such as differential privacy or fine-tuning with synthetic data... as Priyanshu explained.

The Trace

ChatGPT Might Have a School Shooting Problem

...breaking a single prohibited request into several innocuous-seeming questions can make an AI system more than five times as likely to produce a harmful response - Supriti & Aman

Cisco Blogs

Bypassing OpenAI's Structured Outputs - Aman Priyanshu

ENUM-based attack achieved an ASR of 52.89%, compared to 12.44% for normal API calling... - Aman

Equinox IT

The gpt-oss Blossom

Aman Priyanshu and Supriti Vijay analysed expert activations in gpt-oss-20b and pruned under-utilised experts across domain-specialised variants... With this work I imagine pruning will get more attention...

The Koffee Conversation Show

Brewing Brilliance: Hackathons, Research, and Life with Aman Priyanshu | Koffee Conversation @TEIF

...got into privacy preserving ML optimization @ Eder Labs and AI Security @ Robust Intelligence...

Publications

2025

Think Before You Retrieve: Learning Test-Time Adaptive Search with Small Language Models / Reason. Search. Retrieve. Repeat. Iterative Retrieval for Automating Vulnerable Code Discovery

Supriti Vijay*, Aman Priyanshu*, Anu Vellore, Baturay Saglam, Amin Karbasi

arXiv Preprint / Accepted at Conference on Applied Machine Learning in Information Security (CAMLIS)

2025

Llama-3.1-FoundationAI-SecurityLLM-Base-8B Technical Report

Paul Kassianik, Baturay Saglam, Alexander Chen, Blaine Nelson, Anu Vellore, Massimo Aufiero, Fraser Burch, Dhruv Kedia, Avi Zohary, Sajana Weerawardhena, Aman Priyanshu, Adam Swanda, Amy Chang, Hyrum Anderson, Kojin Oshiba, Omar Santos, Yaron Singer, Amin Karbasi

Technical Report (Foundation-AI, Cisco)

2024

Through the Lens of LLMs: Unveiling Differential Privacy Challenges

Aman Priyanshu, Yash Maurya, Vy Tran, Suriya Ganesh Ayyamperumal

USENIX Conference on Privacy Engineering Practice and Respect

2024

FRACTURED-SORRY-Bench: Framework for Revealing Attacks in Conversational Turns Undermining Refusal Efficacy and Defenses over SORRY-Bench

Aman Priyanshu*, Supriti Vijay*

arXiv Preprint

2024

AI Governance and Accountability: An Analysis of Anthropic's Claude

Aman Priyanshu, Yash Maurya, Zuofei Hong

arXiv Preprint

2023

Are Chatbots Ready for Privacy-Sensitive Applications? An Investigation into Input Regurgitation and Prompt-Induced Sanitization

Aman Priyanshu*, Supriti Vijay*, Ayush Kumar, Rakshit Naidu, Fatemehsadat Mireshghallah

arXiv Preprint

2022

AdaptKeyBERT: An Attention-Based Approach Towards Few-Shot & Zero-Shot Domain Adaptation of KeyBERT

Aman Priyanshu*, Supriti Vijay*

arXiv Preprint

2022

NERDA-Con: Extending NER models for Continual Learning - Integrating Distinct Tasks and Updating Distribution Shifts

Supriti Vijay*, Aman Priyanshu*

Updatable Machine Learning Workshop, ICML 2022

2021

Efficient Hyperparameter Optimization for Differentially Private Deep Learning

Aman Priyanshu, Rakshit Naidu, Fatemehsadat Mireshghallah, Mohammad Malekzadeh

Privacy Preserving Machine Learning Workshop, ACM CCS 2021

2021

When Differential Privacy Meets Interpretability: A Case Study

Rakshit Naidu*, Aman Priyanshu*, Aadith Kumar, Sasikanth Kotti, Haofan Wang, Fatemehsadat Mireshghallah

Responsible Computer Vision Workshop, CVPR 2021 & Privacy Preserving Machine Learning Workshop, ACM CCS 2021

Curated Blogs

Experience

AI Researcher

Foundation-AI (Cisco)

Feb 2025 - Present

AI Security Researcher

Cisco (AI Defense)

Jan 2025 - Feb 2025

AI Security Research Intern

Robust Intelligence

Jun 2024 - Aug 2024

Founding Member & AI-Lead

MyCelium Sports (Course: 11-681)

Jan 2024 - May 2024

Privacy Engineering Independent Study

Under Professor Norman Sadeh at CMU

Aug 2023 - Apr 2024

Research Project Lead & Contributor

OpenMined

Mar 2023 - Aug 2023

AAAI Undergraduate Consortium Scholar

The Association for the Advancement of Artificial Intelligence

Feb 2023

Co-Founder

Felasa Initiative (Open-Source Women's Safety Awareness Initiative)

Aug 2022 - Present

Privacy Engineer Intern

Eder Labs R&D Private Limited, Delaware, USA

Aug 2022 - Aug 2023

MITACS Research Intern

Concordia University, Quebec, Canada

May 2022 - Aug 2022

Education

Carnegie Mellon University

MSIT in Privacy Engineering

Key Courses: Prompt Engineering (17730), AI Governance (17716), Deep Learning (11785), Computer Technology Law (17562), Differential Privacy (17731), Information Security (17631), & Usability (17734)

Manipal Institute of Technology

B.Tech in Information Technology

Key Courses: Data Structures and Algorithms, Design and Analysis of Algorithms, Object Oriented Programming, Probability and Statistics, Computer Networks, Operating Systems, Database Management

Relevant Projects

Foundation-Sec-8B Family

April 2025 - January 2026

Released and maintained production security LLMs (200K+ downloads) spanning Base, Instruct, and Reasoning 8B variants over a year-long development cycle. Created custom RLVR (Reinforcement Learning from Verifiable Rewards) cybersecurity environments for training reasoning capabilities. Continuously retrained and improved models based on user feedback, achieving state-of-the-art performance on CTI benchmarks while remaining deployable on-premise for sensitive security workflows. Trained 8B-20B parameter models across multi-node GPU clusters (50+ GPUs) using FSDP, DeepSpeed, and a custom training rig for MoEs.

ARGUS: Iterative Retrieval for Vulnerable Code Discovery

August 2025

Built first-ever RL environment for iterative vulnerability retrieval with 4,500 GitHub Security Advisories. ARGUS-LLaMA-1B (43.9% success) outperforms GPT-4o (39.3%) and LLaMA-405B (41.8%) at 400× smaller size. Presented at CAMLIS 2025. Framework enables automated "reason, search, retrieve, repeat" workflows for discovering vulnerable code in large repositories.

GPT-OSS Expert Fingerprinting

August 2025

Released 232 domain-specialized models (4.2B to 20B parameters; 30K+ downloads within 6 months of release) by analyzing expert activation patterns in GPT-OSS-20B's Mixture-of-Experts architecture. Strategic pruning of under-utilized experts maintains performance while reducing computational overhead. Includes an interactive analytics dashboard and layer-comparison tools for behavioral pattern analysis.

Orion: Adaptive Search with Small Language Models

November 2025

Research on multi-turn retrieval architecture enabling compact models (350M-1.2B) to outperform systems 400× larger on general information retrieval domains like Science, Economics, Math, Programming / Coding, Robotics, General Knowledge, and BioMed. Combines synthetic trajectory generation, turn-level reinforcement learning, and beam search for adaptive information retrieval. Achieves 77.6% on SciFact (vs 72.6% prior SOTA) and 25.2% on BRIGHT (vs 22.1%). Demonstrates domain-agnostic generalizability of our synthetic search techniques.

AdaptKeyBERT

October 2022

Built a Python library integrating semi-supervised attention for few-shot and zero-shot domain adaptation in keyphrase extraction. Library has been adopted by researchers across multiple domains for keyword extraction tasks.

DP-HyperparamTuning

August 2021

Tools for hyperparameter optimization in DP-SGD training. Proposed novel customizable reward function enabling users to define privacy-utility tradeoffs through single objective optimization.

Hexa Lite

August 2021

Unsupervised ML system for extracting contextually similar texts, applied to indexing academic literature, law precedents, and financial records. Won Code Innovation Series hackathon in association with GitHub.

Augmented Face Detection API

July 2021

Real-time face verification system with obstruction detection, spoof detection, blur detection, and environment approval. Utilized deep neural networks and genetic algorithms for low-latency performance. Won 1st place in HackRx 2.0 by Bajaj Finserv.

Achievements

15+ Hackathon Wins

2020 - 2025

15+ hackathon wins across ML/AI competitions, including 1st place at Strong Compute (ARC AGI), HackRx (Bajaj Finserv), Code Innovation Series, ACM Datathon, CalHacks, etc.; runner-up at IEEE BigMM, BobHacks, ShowYourSkill, etc. Projects spanned reasoning frameworks, speech processing, optimization, and privacy-preserving ML.

Research & Travel Grant - AAAI Undergraduate Consortium Scholar

February 2023

Selected as one of twelve individuals for the AAAI UC program, recognizing my research on Privacy and Fairness.

MITACS Globalink Research Scholar

June 2022

Selected as MITACS Globalink Research Scholar at Concordia University, Montreal, Canada for research collaboration in AI and Privacy-Preserving Machine Learning.

Intel Edge AI Scholarship Recipient

January 2020

Selected as one of the recipients of the Intel Edge AI Scholarship Program. Learned about Machine Learning Implementation on the Edge.

Interactive Tools/Demos & Games