$ cat ~/projects/llamacve/README.md

LLaMaCVE

AI-Powered CVE Intelligence Platform

// The Problem

Real-Time Vulnerability Intelligence at Scale

Organizations struggle to stay current with 240,000+ Common Vulnerabilities and Exposures (CVEs) and need intelligent, real-time vulnerability analysis to prioritize security responses effectively.

Challenge 1: Manual CVE tracking across 240K+ vulnerabilities
Challenge 2: Lack of contextual AI-driven vulnerability insights
Challenge 3: No semantic search for security researchers

// My Role

DevOps Engineer & Infrastructure Lead

Designed and implemented the entire production infrastructure on AWS EKS, including custom Kubernetes operators, event streaming pipelines, CI/CD automation, security hardening, and full-stack observability. Built a self-hosted RAG-based LLM system with enterprise-grade reliability and security.

// Architecture

AWS EKS Infrastructure

AWS EKS Architecture

Production Kubernetes cluster on AWS EKS with multi-AZ deployment, auto-scaling, and Istio service mesh

System Architecture


Event-driven architecture with Kafka streaming, custom K8s operator, and PostgreSQL + Pinecone data layer

RAG Pipeline Architecture

RAG Pipeline

Retrieval-Augmented Generation pipeline with LLaMA 3.1, Pinecone vector search, and LangChain integration

// Tech Stack

Infrastructure & Orchestration

Amazon EKS: Managed Kubernetes cluster
Kubernetes Operator (Go): Custom CVE monitoring controller
Helm: Package management & templating
Terraform: Infrastructure as Code

CI/CD & Automation

Jenkins: Automated build pipelines
Packer: Custom AMI creation
Semantic Release: Automated versioning
Docker: Container image management

Data Pipeline

Apache Kafka: Event streaming (99.9% uptime)
PostgreSQL: Relational data storage
Pinecone: Vector database for embeddings
Flyway: Database migrations

AI/ML Stack

LLaMA 3.1 (8B): Self-hosted LLM
Ollama: LLM runtime
LangChain: RAG orchestration
Hugging Face: Text embeddings

Security

Istio mTLS: Service mesh encryption
Cert-Manager: Automated TLS certificates
IAM Policies: AWS access control
CIS Benchmarks: Security compliance

Observability

Prometheus: Metrics collection
Grafana: Visualization dashboards
CloudWatch: AWS monitoring
Istio IngressGateway metrics

// Key Achievements

Custom Kubernetes Operator

Developed a Go-based operator to monitor 240K+ CVEs in real time

70% reduction in vulnerability detection latency

Event-Driven Architecture

Engineered Kafka-based streaming pipeline processing 240K+ CVE records

99.9% uptime, 4× throughput improvement

RAG Pipeline

Built Retrieval-Augmented Generation system with Ollama LLM and LangChain

<2s response latency

Semantic Search

Implemented AI query system using Hugging Face embeddings

85% improvement in search relevance

Production-Grade Security

Deployed Istio mTLS, multi-AZ architecture, and IAM encryption

100% TLS coverage, 3× fault tolerance increase

CI/CD Automation

Automated pipelines with Jenkins, Helm linting, and semantic versioning

90% reduction in deployment errors

Full-Stack Observability

Integrated Prometheus + Grafana for real-time monitoring

AI pipeline health, Kafka throughput, K8s metrics

// Impact

240K+ CVEs Tracked
99.9% System Uptime
<2s Response Time
-90% Deployment Errors