Preeti Ravindra
AI-assisted software development is accelerating how quickly systems are designed, modified, and deployed. While modern security tooling can identify vulnerabilities, misconfigurations, and policy violations, it often struggles to answer a more fundamental question: does the deployed system still reflect the intended security posture?
This talk introduces an approach for automatically deriving threat models from code, infrastructure, and configuration artifacts and tracking their evolution over time. Rather than focusing on code diffs, the approach computes threat model diffs to detect security intent drift, including changes to attack surfaces, trust boundaries, privilege relationships, and sensitive data flows. Through real-world examples of AI-assisted infrastructure changes, I show how security-relevant behavior can emerge without introducing traditional vulnerabilities, and how threat model differencing can surface these risks. The result is a practical workflow for maintaining security oversight in development environments where code changes faster than humans can review it.
Preeti is a technical leader who has delivered security outcomes by applying AI to security problems and ensuring AI systems are reliable and trustworthy for over a decade. Her career spans startups to Fortune 100 companies where she has advanced research and implemented it into scalable, revenue-aligned systems. She solves problems in both product security and security operations bridging research and engineering execution with equal ease. Her value proposition is working across functions, cutting through ambiguity and delivering measurable business value.
As a recognized industry voice, Preeti speaks at conferences like DEFCON,BSides and serves on program committees for CAMLIS, unprompted. She is passionate about bridging the AI and security communities and advancing early career professionals to more senior roles. Currently, Preeti is pursuing AI safety research in AI control.
