AI Security · Platform Engineering · Federal AI
Arun Sanna
Enterprise AI Architect & Forward Deployed Engineer
I build secure AI platforms for the DoD, federal, and frontier teams — from agent security to platform engineering at scale.
- 10+
- Years
- 400+
- Apps on Platform One
- 124K
- Lives supported
Selected work
Systems that carried real missions.
DoD Platform One PartyBus
Foundation engineer and top contributor for DoD's largest secure platform-as-a-service used across mission systems.
- 400+
- Apps
- 20K+
- Containers
- 150+
- DoD Teams
- 4 Weeks
- ATO Cycle
- Kubernetes
- GitLab
- AWS
- Istio
CMS Healthcare Modernization
Led high-speed modernization for CMS workloads with secure cloud migration and faster release cycles.
- 90 Days
- Migration Window
- 40%
- Cost Reduction
- 5
- Apps Modernized
- 50+
- Microservices
- AWS EKS
- Terraform
- GitLab CI
- FedRAMP
Enterprise AI Transformation
Drove enterprise GenAI adoption, delivery acceleration, and AI-assisted engineering practices across teams.
- 35%
- Code via GenAI
- 30%
- Productivity Lift
- 40%
- Proposal Time Cut
- 15→115
- Company Growth
- OpenAI
- Claude
- Gemini
- RAG
Operation Allies Refuge
Supported mission-critical platform operations during emergency response for large-scale humanitarian evacuation.
- 120K+
- Lives Evacuated
- 72h
- Mission Duration
- 24/7
- Uptime
- Hours
- Deploy Time
- High Availability
- Auto Scaling
- Incident Response
- SRE
Open source
Tools I build in the open.
AgentDefense-Bench
Security benchmark for MCP-based AI agents covering prompt injection, jailbreaking, and supply-chain style risks.
Jarvis Cortex
Graph-enhanced memory platform for AI assistants with temporal context and retrieval-aware workflows.
MicroEKS
Production-ready platform toolkit for standing up secure Kubernetes environments with practical guardrails.
Gemini Diagram MCP
MCP server for generating diagrams and visuals from natural language using Gemini multimodal capabilities.
OpenClaw
Personal AI assistant runtime focused on tool orchestration, memory, and terminal-native workflows.
k8s-sherlock
Kubernetes debugging toolkit for faster root-cause analysis and repeatable investigation workflows.
Research
Frontier threads, shipped tools.
Agent Runtime Security
Adversarial evaluation of tool-using AI agents over MCP — prompt injection, jailbreaking, and supply-chain attack paths against agent runtimes.
AI Supply-Chain Transparency
Machine-readable AI bill-of-materials (AIBOM) generation aligned with OWASP — making model provenance, dependencies, and risk traceable.
Graph-Enhanced Memory for AI
Structured knowledge graphs for long-running agent memory — entities, temporal relationships, contradiction handling, and retrieval-aware recall.
Writing
Notes on AI security, agents & federal platforms.
-
What's actually inside your AI? A plain-English guide to the AIBOM
AI bills-of-materials are moving from nice-to-have to non-negotiable. What an AIBOM is, why August 2026 makes it urgent, and how to generate your first one with OWASP-aligned tooling.
-
Defending MCP agents from prompt injection
A threat model for tool-using agents over the Model Context Protocol, and the layered defenses that actually hold up under adversarial testing.
-
cATO on Platform One: compressing ATO from years to weeks
How continuous Authority to Operate reframes compliance as an engineering problem — and the platform patterns that made a 4-week ATO cycle real.
-
A graph-enhanced memory system for AI assistants
Entities, relationships, and time: designing assistant memory that survives long-running operations, handles contradictions, and recalls with intent.
Recognition
Awards, selective membership & peer service.
The signals that travel — national awards, merit-based selection, and service to the field.
- SECAF Project of the Year 2024
Small & Emerging Contractors Advisory Forum
- Platform One
Only non-US citizen selected onto the team
- IEEE
Professional member & volunteer leadership
- ACM
Certified reviewer — conference paper review
- OWASP
AIBOM working-group contributor
- Employee of the Year 2017
REAN Cloud
Let's build
Frontier AI work, hard platform & security problems, mission-driven teams.
If you're building secure AI systems at scale — or hiring someone who has — I'd like to hear about it.