# Aman Priyanshu - AI Researcher

## AI Researcher (Security Foundation Models - Reasoning & Instruct)

Hi, I'm Aman!

I'm an AI Researcher at [Foundation-AI](https://fdtn.ai) ([Cisco](https://www.cisco.com), via the [Robust Intelligence](https://blogs.cisco.com/news/fortifying-the-future-of-security-for-ai-cisco-announces-intent-to-acquire-robust-intelligence) acquisition), working on foundation models for security: reasoning, long-horizon planning, and agentic systems. I led the [Splunk Enterprise Security deployment](https://blogs.cisco.com/security/accelerate-security-operations-with-ciscos-new-security-tuned-model) of Foundation-Sec-8B-1.1-Instruct, where an 8B model now replaces Llama-70B and GPT-OSS-120B in production, processing millions of live security alerts at 10-15x lower cost than the variants it replaced. I'm a core contributor to Foundation-Sec-8B-Reasoning, and across our open-weight security models we've seen 500K+ downloads. Earlier, my disclosure of a 99.8% bypass of Meta's PromptGuard was covered by [SC Magazine](https://www.scmagazine.com/news/metas-promptguard-model-bypassed-by-simple-jailbreak-researchers-say) and [The Register](https://www.theregister.com/2024/07/29/meta_ai_safety/), and patched by Meta.

My research spans AI for security, LLM safety, and privacy-preserving ML. I've published at USENIX PEPR and AAAI, and my AI safety work has led to invitations to [OpenAI's Red Teaming Network](https://drive.google.com/file/d/1V7x-jaOLKZyGTJNAYCH9tIwi5-zLybJJ/view?usp=sharing) and [Anthropic's Model Safety Bug Bounty Program](https://drive.google.com/file/d/1RrJK3BEZaVdvIO30q7aFIJ6z0KpyqmDu/view?usp=sharing). Day-to-day, I train and post-train models ranging from 350M to 100B+ parameters on multi-node GPU clusters, depending on the project.

I did my [Masters in Privacy Engineering at Carnegie Mellon University](https://privacy.cs.cmu.edu), where I worked with [Professor Norman Sadeh](https://s3d.cmu.edu/people/core-faculty/sadeh-norman.html) on LLM security and [Niloofar Mireshghallah](https://mireshghallah.github.io/) on privacy-preserving ML. Currently, I build specialized RL environments for security domains: custom CTF environments for automated penetration testing curricula, vulnerability detection frameworks for iterative code patch discovery, and compact models that coordinate at scale.

## Contact & Links

- Email: amanpriyanshusms2001@gmail.com
- GitHub: https://github.com/AmanPriyanshu
- Google Scholar: https://scholar.google.com/citations?user=69ZaWuUAAAAJ&hl=en
- Twitter: https://twitter.com/AmanPriyanshu6
- LinkedIn: https://linkedin.com/in/aman-priyanshu

- Resume: https://amanpriyanshu.github.io/cv/AmanPriyanshu_Formatted_CV.pdf

---

## News & Media Coverage

### 7 top cybersecurity projects for 2026
*Source: CSO Online*
Cisco AI researcher Aman Priyanshu is developing autonomous vulnerability search agents using SLMs that mimic human analyst workflows through iterative investigation...
[Read more](https://www.csoonline.com/article/4116992/7-top-cybersecurity-projects-for-2026.html)

### Accelerate Security Operations with Cisco's New Security-Tuned Model
*Source: Cisco Blogs*
Custom-tuned Foundation-Sec-8B-1.1-Instruct powering Splunk AI Assistant in Security for alert summarization, MITRE mapping, and SOC workflow acceleration, developed by Aman
[Read more](https://blogs.cisco.com/security/accelerate-security-operations-with-ciscos-new-security-tuned-model)

### Meta's PromptGuard model bypassed by simple jailbreak, researchers say
*Source: SC Media*
Meta's Prompt-Guard, is vulnerable to a simple exploit with a 99.8% success rate... AI Security Researcher Aman Priyanshu wrote in a blog post...
[Read more](https://www.scmagazine.com/news/metas-promptguard-model-bypassed-by-simple-jailbreak-researchers-say)

### Foundation-sec-8b: Cisco Foundation AI's First Open-Source Security Model
*Source: Cisco Blogs*
Cisco Foundation AI's first open-source security base model, trained by Aman Priyanshu & team.
[Read more](https://blogs.cisco.com/security/foundation-sec-cisco-foundation-ai-first-open-source-security-model)

### AI search framework that teaches AI models to think like experts
*Source: Cisco Blogs*
Novel adaptive retrieval framework enabling compact models (350M-1.2B parameters) to learn iterative search strategies, outperforming GPT-4.1 on BRIGHT.
[Read more](https://blogs.cisco.com/security/ai-search-framework-teaches-ai-models-to-think-like-experts)

### Protecting LLMs from Jailbreaks
*Source: Communications of the ACM*
Priyanshu said the biggest risk is organizations assuming their jailbreaking defenses are 100% effective.
[Read more](https://cacm.acm.org/news/protecting-llms-from-jailbreaks/)

### Foundation-sec-8B-Reasoning: The First Open-weight Security Reasoning Model
*Source: Cisco Blogs*
The first open-weight security reasoning model, trained by Aman Priyanshu & team using custom RLVR environments.
[Read more](https://blogs.cisco.com/security/foundation-sec-8b-reasoning-first-open-weight-security-reasoning-model)

### Reasoning Models: An Introduction to More Logical Models
*Source: Cisco & TILOS Faculty Talks*
Exploring reasoning models, their training, common pitfalls, and solutions as an AI Researcher @ Cisco.
[Read more](https://tilos.ai/tilos-cisco-workshop-on-ai-security/#:~:text=Cisco%20and%20TILOS%20Faculty%20Talks%0ATBA%0A%C2%A0%C2%A0%C2%A0Aman%20Priyanshu%2C%20Cisco%20AI%20Safety%20and%20Privacy)

### The AI Transparency Gap: What Users Don't Know Can Hurt You
*Source: VKTR*
...adopt privacy-preserving technologies such as differential privacy or fine-tuning with synthetic data... as Priyanshu explained.
[Read more](https://www.vktr.com/ai-technology/the-ai-transparency-gap-what-users-dont-know-can-hurt-you/)

### ChatGPT Might Have a School Shooting Problem
*Source: The Trace*
...breaking a single prohibited request into several innocuous-seeming questions can make an AI system more than five times as likely to produce a harmful response - Supriti & Aman
[Read more](https://www.thetrace.org/2025/12/school-shooting-chatgpt-ai-plan-research/)

### Foundation-sec-8B-Instruct: An Out-of-the-Box Security Copilot
*Source: Cisco Blogs*
Release of the instruction-tuned Foundation-sec-8B, developed by Aman Priyanshu & team, enabling ready-to-use security assistance and analysis.
[Read more](https://blogs.cisco.com/security/foundation-sec-8b-instruct-out-of-the-box-security-copilot)

### Bypassing OpenAI's Structured Outputs - Aman Priyanshu
*Source: Cisco Blogs*
ENUM-based attack achieved an ASR of 52.89%, compared to 12.44% for normal API calling... - Aman
[Read more](https://blogs.cisco.com/security/bypassing-openais-structured-outputs-another-simple-jailbreak)

### The gpt-oss Blossom
*Source: Equinox IT*
Aman Priyanshu and Supriti Vijay analysed expert activations in gpt-oss-20b and pruned under-utilised experts across domain-specialised variants... With this work I imagine pruning will get more attention...
[Read more](https://www.equinox.co.nz/blog/the-gpt-oss-blossom)

### Brewing Brilliance: Hackathons, Research, and Life with Aman Priyanshu | Koffee Conversation @TEIF
*Source: The Koffee Conversation Show*
...got into privacy preserving ML optimization @ Eder Labs and AI Security @ Robust Intelligence...
[Read more](https://www.youtube.com/watch?v=GBBmd9YhE00)

---

## Publications

### [Think Before You Retrieve: Learning Test-Time Adaptive Search with Small Language Models](https://arxiv.org/abs/2511.07581)
**Year:** 2025
Supriti Vijay*, Aman Priyanshu*, Anu Vellore, Baturay Saglam, Amin Karbasi
arXiv Preprint / Accepted at Conference on Applied Machine Learning in Information Security (CAMLIS)

### [Llama-3.1-FoundationAI-SecurityLLM-Base-8B Technical Report](https://arxiv.org/abs/2504.21039)
**Year:** 2025
Paul Kassianik, Baturay Saglam, Alexander Chen, Blaine Nelson, Anu Vellore, Massimo Aufiero, Fraser Burch, Dhruv Kedia, Avi Zohary, Sajana Weerawardhena, Aman Priyanshu, Adam Swanda, Amy Chang, Hyrum Anderson, Kojin Oshiba, Omar Santos, Yaron Singer, Amin Karbasi
Technical Report (Foundation-AI, Cisco)

### [Through the Lens of LLMs: Unveiling Differential Privacy Challenges](https://www.usenix.org/conference/pepr24/presentation/priyanshu)
**Year:** 2024
Aman Priyanshu, Yash Maurya, Vy Tran, Suriya Ganesh Ayyamperumal
USENIX Conference on Privacy Engineering Practice and Respect

### [FRACTURED-SORRY-Bench: Framework for Revealing Attacks in Conversational Turns Undermining Refusal Efficacy and Defenses over SORRY-Bench](https://arxiv.org/abs/2408.16163)
**Year:** 2024
Aman Priyanshu*, Supriti Vijay*
arXiv Preprint

### [AI Governance and Accountability: An Analysis of Anthropic's Claude](https://arxiv.org/abs/2407.01557)
**Year:** 2024
Aman Priyanshu, Yash Maurya, Zuofei Hong
arXiv Preprint

### [Are Chatbots Ready for Privacy-Sensitive Applications? An Investigation into Input Regurgitation and Prompt-Induced Sanitization](https://arxiv.org/abs/2305.15008)
**Year:** 2023
Aman Priyanshu*, Supriti Vijay*, Ayush Kumar, Rakshit Naidu, Fatemehsadat Mireshghallah
arXiv Preprint

### [AdaptKeyBERT: An Attention-Based Approach Towards Few-Shot & Zero-Shot Domain Adaptation of KeyBERT](https://arxiv.org/abs/2211.07499)
**Year:** 2022
Aman Priyanshu*, Supriti Vijay*
arXiv Preprint

### [NERDA-Con: Extending NER models for Continual Learning - Integrating Distinct Tasks and Updating Distribution Shifts](https://arxiv.org/abs/2206.14607)
**Year:** 2022
Supriti Vijay*, Aman Priyanshu*
Updatable Machine Learning Workshop, ICML 2022

### [Efficient Hyperparameter Optimization for Differentially Private Deep Learning](https://arxiv.org/abs/2108.03888)
**Year:** 2021
Aman Priyanshu, Rakshit Naidu, Fatemehsadat Mireshghallah, Mohammad Malekzadeh
Privacy Preserving Machine Learning Workshop, ACM CCS 2021

### [When Differential Privacy Meets Interpretability: A Case Study](https://arxiv.org/abs/2106.13203)
**Year:** 2021
Rakshit Naidu*, Aman Priyanshu*, Aadith Kumar, Sasikanth Kotti, Haofan Wang, Fatemehsadat Mireshghallah
Responsible Computer Vision Workshop, CVPR 2021 & Privacy Preserving Machine Learning Workshop, ACM CCS 2021

---

## Curated Blogs

### [GPT-OSS Expert Analysis & Pruning](https://github.com/AmanPriyanshu/GPT-OSS-MoE-ExpertFingerprinting/)
Released 232 domain-specialized models from 4.2B to 20B (downloaded 30K+ times within 6 months) by analyzing expert activations and pruning.

### [Breaching Privacy in Real-World Synthetic Data](https://amanpriyanshu.github.io/SynthLeak/)
We cracked a real-world differentially private synthetic data by linking public information to exposed PII overnight.

### [AdaptKeyBERT: Zero-Shot & Few-Shot Keyword Extraction Library](https://amanpriyanshu.github.io/blogs-2025/posts/2024/adaptkeybert/)
We built a keyword extractor, forgot about it, and somehow researchers are actually using it in their work.

### [A Journey into Dynamic Topic Modeling](https://amanpriyanshu.github.io/blogs-2025/posts/2024/dynamic-topic-modeling/)
I created a hierarchical topic modeling dataset from RedPajama, with 100k samples and 3 levels of topics.

### [LinearCosine: "Do we really need multiplication for AI?"](https://amanpriyanshu.github.io/blogs-2025/posts/2024/linear-cosine/)
I created a hierarchical topic modeling dataset from RedPajama, with 100k samples and 3 levels of topics.

### [API-LLM-Hub: LLM-API integration for Static Pages](https://amanpriyanshu.github.io/blogs-2025/posts/2024/api-llm-hub/)
I built a vanilla JavaScript library that lets you use AI APIs directly in browsers, no backend needed.

### [YC-Dendrolinguistics: Linguistic Trees of YC Pitches](https://amanpriyanshu.github.io/blogs-2025/posts/2024/startup-linguistic-trees/)
I mapped linguistic patterns in YC startup pitches like growing trees, and built a semantic search tool to explore them.

### [FRACTURED-SORRY-Bench: Multi-shot prompt injections](https://amanpriyanshu.github.io/blogs-2025/posts/2024/fractured-sorry-bench/)
We broke AI safeguards by splitting harmful prompts into innocent sub-questions.

---

## Experience

### [AI Researcher](https://fdtn.ai)
**Organization:** Foundation-AI (Cisco)
**Duration:** Feb 2025 - Present

### [AI Security Researcher](https://www.cisco.com/site/us/en/products/security/ai-defense)
**Organization:** Cisco (AI Defense)
**Duration:** Jan 2025 - Feb 2025

### [AI Security Research Intern](https://www.robustintelligence.com)
**Organization:** Robust Intelligence
**Duration:** Jun 2024 - Aug 2024

### [Founding Member & AI-Lead](https://msports.ai)
**Organization:** MyCelium Sports (Course: 11-681)
**Duration:** Jan 2024 - May 2024

### [Privacy Engineering Independent Study](https://www.normsadeh.org/)
**Organization:** Under Professor Norman Sadeh at CMU
**Duration:** Aug 2023 - Apr 2024

### [Research Project Lead & Contributor](https://openmined.org/)
**Organization:** OpenMined
**Duration:** Mar 2023 - Aug 2023

### [AAAI Undergraduate Consortium Scholar](https://aaai-uc.github.io/2023_scholars.html#aman-priyanshu)
**Organization:** The Association for the Advancement of Artificial Intelligence
**Duration:** Feb 2023

### [Co-Founder](http://felasa-initiative.github.io/)
**Organization:** Felasa Initiative (Open-Source Women's Safety Awareness Initiative)
**Duration:** Aug 2022 - Present

### [Privacy Engineer Intern](https://www.eder.io/)
**Organization:** Eder Labs R&D Private Limited, Delaware, USA
**Duration:** Aug 2022 - Aug 2023

### [MITACS Research Intern](https://www.concordia.ca/)
**Organization:** Concordia University, Quebec, Canada
**Duration:** May 2022 - Aug 2022

---

## Education

### Carnegie Mellon University
**Degree:** MSIT in Privacy Engineering
Key Courses: Prompt Engineering (17730), AI Governance (17716), Deep Learning (11785), Computer Technology Law (17562), Differential Privacy (17731), Information Security (17631), & Usability (17734)

### Manipal Institute of Technology
**Degree:** B.Tech in Information Technology
Key Courses: Data Structures and Algorithms, Design and Analysis of Algorithms, Object Oriented Programming, Probability and Statistics, Computer Networks, Operating Systems, Database Management

---

## Relevant Projects

### [Foundation-Sec-8B Family](https://huggingface.co/collections/fdtn-ai/foundation-sec-8b)
April 2025 - January 2026
Released and maintained production security LLMs (200K+ downloads) spanning Base, Instruct, and Reasoning 8B variants over a year-long development cycle. Created custom RLVR (Reinforcement Learning from Verifiable Rewards) cybersecurity environments for training reasoning capabilities. Continuously retrained and improved models based on user feedback, achieving state-of-the-art performance on CTI benchmarks while remaining deployable on-premise for sensitive security workflows. Trained 8B-20B parameter models across multi-node GPU clusters (50+ GPUs) using FSDP, DeepSpeed, and custom rig for MoEs.

### [ARGUS: Iterative Retrieval for Vulnerable Code Discovery](https://www.youtube.com/watch?v=Pj8yTn6CF2Y)
August 2025
Built first-ever RL environment for iterative vulnerability retrieval with 4,500 GitHub Security Advisories. ARGUS-LLaMA-1B (43.9% success) outperforms GPT-4o (39.3%) and LLaMA-405B (41.8%) at 400× smaller size. Presented at CAMLIS 2025. Framework enables automated "reason, search, retrieve, repeat" workflows for discovering vulnerable code in large repositories.

### [GPT-OSS Expert Fingerprinting](https://amanpriyanshu.github.io/GPT-OSS-MoE-ExpertFingerprinting/)
August 2025
Released 232 domain-specialized models from 4.2B to 20B (30K+ downloads within 6 months of release) by analyzing expert activation patterns in GPT-OSS-20B's Mixture-of-Experts architecture. Strategic pruning of underutilized experts maintains performance while reducing computational overhead. Includes interactive analytics dashboard and layer comparison tools for behavioral pattern analysis.

### [Orion: Adaptive Search with Small Language Models](https://arxiv.org/abs/2511.07581)
November 2025
Research on multi-turn retrieval architecture enabling compact models (350M-1.2B) to outperform systems 400× larger on general information retrieval domains like Science, Economics, Math, Programming / Coding, Robotics, General Knowledge, and BioMed. Combines synthetic trajectory generation, turn-level reinforcement learning, and beam search for adaptive information retrieval. Achieves 77.6% on SciFact (vs 72.6% prior SOTA) and 25.2% on BRIGHT (vs 22.1%). Demonstrates domain-agnostic generalizability of our synthetic search techniques.

### [AdaptKeyBERT](https://pypi.org/project/adaptkeybert/)
October 2022
Built a Python library integrating semi-supervised attention for few-shot and zero-shot domain adaptation in keyphrase extraction. Library has been adopted by researchers across multiple domains for keyword extraction tasks.

### [DP-HyperparamTuning](https://github.com/AmanPriyanshu/DP-HyperparamTuning)
August 2021
Tools for hyperparameter optimization in DP-SGD training. Proposed novel customizable reward function enabling users to define privacy-utility tradeoffs through single objective optimization.

### [Hexa Lite](https://github.com/AmanPriyanshu/HexaLite)
August 2021
Unsupervised ML system for extracting contextually similar texts, applied to indexing academic literature, law precedents, and financial records. Won Code Innovation Series hackathon in association with GitHub.

### [Augmented Face Detection API](https://github.com/sarthak815/Face-Detection_Model-HackRx2.0)
July 2021
Real-time face verification system with obstruction detection, spoof detection, blur detection, and environment approval. Utilized deep neural networks and genetic algorithms for low-latency performance. Won 1st place in HackRx 2.0 by Bajaj Finserv.

---

## Achievements

### 15+ Hackathon Wins
2020 - 2025
15+ hackathon wins across ML/AI competitions including 1st place at Strong Compute (ARC AGI), HackRx (Bajaj Finserv), Code Innovation Series, ACM Datathon, CalHacks, etc.; runners up in IEEE BigMM, BobHacks, ShowYourSkill, etc. Projects spanned reasoning frameworks, speech processing, optimization, and privacy-preserving ML.

### [Research & Travel Grant - AAAI Undergraduate Consortium Scholar](https://aaai-uc.github.io/2023_scholars.html#aman-priyanshu)
February 2023
Selected as one of twelve individuals for the AAAI UC program, recognizing my research on Privacy and Fairness.

### MITACS Globalink Research Scholar
June 2022
Selected as MITACS Globalink Research Scholar at Concordia University, Montreal, Canada for research collaboration in AI and Privacy-Preserving Machine Learning.

### [Intel Edge AI Scholarship Recipient](https://drive.google.com/file/d/1RNC2MpG5DY6orJtmBZBHa2Gm2v8MO4CV/view?usp=sharing)
January 2020
Selected as one of the recipients of the Intel Edge AI Scholarship Program. Learned about Machine Learning Implementation on the Edge.

---

## Interactive Tools/Demos & Games

### [Federated Learning Hyperparam Tuning Game](https://amanpriyanshu.github.io/FL-Interactive-Game/)
Understand and play with federated learning hyperparams! In-browser tensorflow-js simulation of FedAvg to understand and gain intuition about IID and Non-IID Federated Learning settings.

### [Differentially Private Tetris](https://amanpriyanshu.github.io/Differentially-Private-Tetris/)
A unique twist on classic Tetris where players manage a privacy budget to reveal blocks, demonstrating differential privacy concepts through gameplay. Experience privacy-utility tradeoffs in an engaging way.

### [The Unlearning Protocol](https://amanpriyanshu.github.io/The-Unlearning-Protocol/)
An interactive game exploring machine learning unlearning and fairness concepts. Players select data points that least impact the dataset, providing hands-on experience with data removal and model fairness considerations.

---

*© 2024 Aman Priyanshu. All rights reserved.*