Insights on Security & AI

The Silent Failure: Why Green Dashboards Are Hiding Red Risks in Enterprise Security
## The Monday Morning Illusion

It's 9:00 AM on Monday. The CISO walks into the board meeting with a dashboard showing **95% patch compliance**. The vulnerability management platform displays reassuring green checkmarks. The monthly report shows the security team closed 2,847 findings last quarter. The board nods approvingly.

By 2:00 PM that same day, the Red Team has gained domain admin access.

**What happened?**

The dashboard wasn't lying—it just wasn't measuring what mattered. The organization had confused **compliance** (did we run the scanner?) with **security** (did we reduce actual risk?).

This is the silent failure of Vulnerability Management. And it's happening at enterprises across every industry, every day.

After all these years managing AppSec programs across Finance, Telco, and Oil & Gas, I've learned that **vulnerability management fails not because we can't find vulnerabilities—we're drowning in them. It fails because we can't separate signal from noise.**

Here's why VM is broken, and what we need to fix.
11 min read
The More Things Change: 18 Years of AppSec in the Trenches
After 18 years in Application Security across Finance, Telecom, and Oil & Gas, I've seen tools transform while fundamental challenges remain eternal. From SQL injection to prompt injection, from monolithic banking apps to AI agents—the friction between velocity and safety never changes.
25 min read
Building RFP Aviator: How We Used RAG and LLMs to Automate Enterprise RFP Responses
A deep dive into building an AI-powered RFP response system using Retrieval-Augmented Generation, LangChain, ChromaDB, and Meta's Llama 3.1. We achieved 90% accuracy processing 100 questions in just 10 minutes.
25 min read
Building an AI-Powered Competitive Intelligence Platform: A 2025 Technical Journey
How we leveraged RAG, LangChain, and open-source LLMs to transform competitive analysis at enterprise scale. From manual spreadsheets to AI-powered real-time competitor insights.
20 min read
All Articles
Security Review During Design and Architecture: Why It Actually Works
December 2024
Web Application Firewall for Core Banking: Your Digital Security Guard
November 2024
The Pink Cover: A Movie-Inspired Lesson on Physical Privacy
October 2024
Securing Your Open Banking Services: Trust, But Verify
September 2024
PCI DSS 4.0 Compliance: The Building Code for Payment Security
August 2024