Vinay Vobbilichetty

https://vinayvobbili.github.io/Vinay VobbilichettyEngineering notes on distributed LLM platforms, agentic AI, and security automation — from someone shipping production systems at scale. 2026-06-06T23:30:45-04:00 Vinay Vobbilichetty https://vinayvobbili.github.io/ Jekyll © 2026 Vinay Vobbilichetty /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png The Day My AI SOC Went Quiet2026-06-06T12:00:00-04:00 2026-06-06T12:00:00-04:00 https://vinayvobbili.github.io/posts/the-day-my-ai-soc-went-quiet/ Vinay Vobbilichetty

A multi-agent AI SOC stopped posting verdicts — no errors, no crash, no alert. Just silence. The failover had worked perfectly, and that was exactly the problem. A post-mortem on success-shaped failures in LLM systems, and why "it didn't throw" is the most dangerous sentence in production AI.

detflow: A Detection-Engineering Copilot You Can pip install2026-06-06T09:00:00-04:00 2026-06-06T17:36:53-04:00 https://vinayvobbili.github.io/posts/detflow-detection-engineering-copilot/ Vinay Vobbilichetty

I kept rebuilding the same four things inside every detection-as-code pipeline — lint a rule, draft one from plain English, check it against what you already run, and review it like a senior engineer. So I extracted them into detflow, a vendor-neutral OSS Python package. Deterministic lint and overlap with no dependencies, model-agnostic drafting and review, and a never-raises contract so it degrades instead of breaking.

iocflow: Turning a Production AI SOC into a Shippable OSS Library2026-05-31T09:00:00-04:00 2026-06-06T17:36:53-04:00 https://vinayvobbili.github.io/posts/iocflow-agentic-ioc-lifecycle/ Vinay Vobbilichetty

After building SOC-in-a-Box — a multi-agent AI SOC where one local LLM wears every hat behind a human-in-the-loop gate — I distilled the durable lesson into iocflow, an open-source Python package for the whole IOC lifecycle. Deterministic primitives (extract → enrich → comment → hunt → block) as tools, a LangGraph multi-agent team on top, and three-layer authority so the LLM never gets the final say on a destructive action.

SOC-in-a-Box: One LLM, Eight Hats, A Production-Bar AI SOC on a Single GPU2026-05-30T09:00:00-04:00 2026-06-06T17:36:53-04:00 https://vinayvobbili.github.io/posts/building-soc-in-a-box/ Vinay Vobbilichetty

An AVP-sponsored multi-agent SOC where one local LLM plays Sentinel, Tier 2, IR Lead, Threat Intel, SOC Manager, Detection Engineer, and Threat Hunter — coordinated over a Redis Streams bus with a human-in-the-loop approval gate before any real-system action. The framework choices, the architectural trade-offs, and the backtest harness that lets us put real numbers on agent quality before going live.

Three Chat Template Patterns That Silently Kill Your Prompt Cache2026-05-14T09:00:00-04:00 2026-05-14T22:06:37-04:00 https://vinayvobbili.github.io/posts/three-chat-template-patterns-kill-prompt-cache/ Vinay Vobbilichetty

Before swapping models on a prompt-caching LLM backend, three Jinja2 patterns in the chat template will quietly break your cache hit rate. A 5-minute check against the published tokenizer config catches all three — no GPU, no weights, no inference required.