Mastodawn

Some repos which AI agents and I worked on:

Reset USB, a program which resets all the devices on the USB bus in Linux https://github.com/omkhar/resetusb

DNS Update, a program which updates A and/or AAAA records based on your current public IP(s). https://github.com/omkhar/dns-update

Omkhar Mar 20

AI coding agents : Claude Code, Codex, Copilot and their kin are changing how software gets built. Faster. Smarter. More autonomous. And that's exactly what keeps me up at night.

I’ve been playing with these agents for a bit, you can see some of the code that me and AI have authored together (Github link in the comments) - PRs are welcome!

Our adoption is outpacing our ability to secure things. Three open research problems explain why:

1. Detection is broken.
When an LLM agent runs on your developer's endpoint, what is it actually doing? Bypassing a control because it's buggy? Being "enterprising"? Or is that just a bad actor on your network? We lack the telemetry, the baselines, and the tooling to answer that question at scale. There is more noise than signal, your detection and response team isn't sleeping.

2. More code ≠ good code.
Multi-thousand-line PRs are trivial to generate. But are they correct? We abandoned KLOCs as a productivity metric in the 90s for good reason. As agent generated code volumes grow, human PR review won't scale. We need to find better ways of maintaining our invariants.

3. The supply chain problem just got recursive.
We spent years hardening software supply chains. Now we're injecting code from models trained on data we don't fully understand, via pipelines we don't fully control, into systems we absolutely must protect. And if the bad guys compromise your AI provider? Are they surveilling training data, or intentionally shaping outputs?

So I'll ask what most vendors aren't:

How are you monitoring what your AI agents do on developer endpoints and separating signal from noise?

How would you know if an agent made an "enterprising" decision that introduced a vulnerability?

How do you secure your LLM supply chain, and what will you do when they're compromised?

I don't have all the answers. And to any vendor about to drop a "turnkey solution" in my comments, I assure you: neither do you. Fair warning ahead of RSAC, sorry I won't be there.

So, keep your eyes peeled, because:

"Sleep is the cousin of death."

— Nas, Chief AI Vigilance Officer, Queensbridge (Illmatic, 1994)

Omkhar Mar 10

S&K Scholarship Mar 10

Check out https://www.skscholarship.com for more information about the @skscholarship as well as to read about the impact that the scholarship has had on recipients.

#cybersecurity #scholarship

The S&K Scholarship

The S&K Scholarship supports a new generation of engineers in an inclusive environment that breaks down barriers in STEM.

S&K Scholarship

Omkhar Mar 9

Maryam. Shaunda. Fulgence. Nikoloz. 🎉 Sabrina and I started the @skscholarship because this field needs more people like you. So proud. Go build something the world needs.

More here:
https://www.linkedin.com/posts/nyutandonmade-share-7436765476770385920-RNtM

#nyutandonmade | NYU Tandon School of Engineering

Innovation and opportunity are at the heart of the future of cybersecurity. We’re honored to introduce the Spring 2026 S&K Scholarship recipients, a group of brilliant students ready to make their mark on the world of engineering. Maryam Noori Shaunda J. Junior-Fulgence Amegble Nikoloz Tskhovrebadze A special thank you to Omkhar Arasaratnam and his wife, Sabrina, whose vision and generosity make this scholarship possible. Their support helps open doors in STEM and empowers emerging talent to reach new heights. “We’re proud to support Maryam, Shaunda, Fulgence, and Nikoloz through the S&K Scholarship. Their commitment to cybersecurity and community impact reflects the kind of leadership our field needs. We hope this support reduces financial pressure so they can stay focused on building skills, serving others, and creating long-term value.” We can't wait to see the incredible impact this cohort will make. Congratulations to all! #NYUTandonMade

Omkhar Mar 8

Cybersecurity loves talking about pipeline problems. Scholarships are what fixing one looks like.

Sabrina and I started the @skscholarship to help underrepresented people get a fair shot.

Spring 2026 scholars are up next.

#IWD2026

Omkhar Jan 19

S&K Scholarship Jan 19

"Life's most persistent and urgent question is, 'What are you doing for others?'" -- Dr. Martin Luther King Jr.

The @skscholarship has supported 30 students in achieving their goals at NYU over the last five years.

We've also assisted through anonymous contributions benefiting underserved communities pursuing STEM education.

How are you serving your community?

#mlkday

Omkhar Jan 19

"Life's most persistent and urgent question is, 'What are you doing for others?"

-- Dr. Martin Luther King Jr.

Omkhar Jan 17

On January 15, 2026 @Wikipedia celebrated its 25th anniversary. While the Web itself has gone through good, bad, and ugly, Wikipedia stands out as one of the best things to come out of the information age.

I've had the privilege of being around to see the World Wide Web grow up. I've been even more honored to contribute to a couple of its load-bearing parts.

It's hard to think of an effort that embodies the original vision of the Web, a place to democratize knowledge, better than Wikipedia.

With over 60 million articles across 300+ languages, the @wikimediafoundation remains a non-profit built on volunteer contributions and Editor donations of articles and quality control.

In an era where so much of the internet has been captured by engagement algorithms and walled gardens, Wikipedia is a reminder of what we set out to build in the first place.

Happy birthday, Wikipedia and thank you to all the Editors. I hope I'll be around to see your 50th and beyond!

Celebrate this momentus occasion by attending a local meet up :

https://wikimediafoundation.org/wikipedia25/wikipedia-mascot/

#wikipedia

Wikipedia's mascot – Wikimedia Foundation

Get to know Baby Globe, Wikipedia’s 25th birthday mascot. Discover where this curious and playful personality will be popping up next.

Wikimedia Foundation

Omkhar Oct 18

Seth Hanford 🐡Oct 17

Hey, it's Friday. Want a cool job with cool people? Job is hybrid or remote, US-based. Pay listed is for base salary, and with the MSFT RSUs, you can find a role equivalent expectation per levels.fyi, LinkedIn Manager MR3

My boss is hiring a Manager of Detection Engineering. I partner directly with this manager as the Sr Staff Engineer supporting this DE function and team. All of the detection engineers are really great, and the incident responders we support are, too! We also have a team dedicated to defense infrastructure that manage all of the amazing data pipelines that supply us with the visibility we need to do great work. In this role, you could focus on mentoring, coaching, and developing people dedicated solely to detection engineering.

Happy to have a chat with anybody about the role & expectations; feel free to DM me if you need more details.

https://www.linkedin.com/jobs/view/4313267504/

#fedijobs #getfedihired #hiring

LinkedIn hiring Manager, Information Security - Detection Engineering in Sunnyvale, CA | LinkedIn

Posted 6:22:47 PM. Company DescriptionLinkedIn is the world’s largest professional network, built to create economic…See this and similar jobs on LinkedIn.

Omkhar Oct 1

As we get over vibe code peak hype, many folks are discovering a new kind of software engineering.

Slop Ops*: Turning what the LLMs have generated into performant, robust, maintainable code.

What’s your Slop Ops:Vibe Code time spent ratio?

*Saw this on the internet somewhere, must be true.

GitHub	https://github.com/omkhar
Homepage	https://omkhar.net