I'm R. Ajay Kumar — an MCA graduate from PES University, Bengaluru, building production web apps with React, Angular and Node, and architecting ShieldPatch, an AI-driven vulnerability detection and patch management platform. Two internships, one IEEE-track capstone, and a habit of shipping clean code.
I'm based in Bengaluru, and completed my Master of Computer Applications at PES University (CGPA 7.9/10) in 2026, following a Bachelor's in Computer Applications from JNRM, Port Blair.
My internships have run across the stack — building responsive React/Bootstrap e-commerce interfaces at Zigguratss Artwork LLP, and earlier, bridging client requirements with Angular/Node/MySQL development at Webigo. Alongside that I've gone deep on cybersecurity tooling and applied machine learning, which led to my capstone project, ShieldPatch.
I'm comfortable owning a feature end-to-end: frontend UI, REST APIs, database schema, and — increasingly — the security and ML layer that sits underneath modern software.
Organizations face a rapidly increasing flood of software vulnerabilities every day, and manual detection-and-patching is too slow — attackers now use automation to find weaknesses faster than traditional tools can respond. ShieldPatch is my capstone answer to that gap: an end-to-end platform that pulls live threat intelligence (CVE, EPSS, ExploitDB), scores exploit risk with machine learning, tests patches safely in a sandbox, and rolls them out — or rolls them back — with minimal manual effort.
Manual vulnerability detection and patching is time-consuming and error-prone, and exploited vulnerabilities lead directly to data breaches, ransomware and downtime. ShieldPatch closes the gap between vulnerability discovery and remediation — automating the path from "a flaw exists" to "it's safely fixed."
Continuously scrapes and aggregates CVE, EPSS and ExploitDB feeds via Requests & BeautifulSoup, so risk scoring is always grounded in real, current exploit activity — not stale CVSS numbers alone.
A TF-IDF vectoriser feeds three regressors — Ridge, Random Forest and XGBoost — trained on ~2,058 cleaned CVE records. Random Forest was shipped to production: R² 0.81, MSE 0.10, correctly separating real exploits (RCE in Apache Struts → 7.30) from cosmetic issues (UI misalignment → 6.47).
Every patch is trialled in an isolated Docker sandbox before deployment, with automated rollback on any non-zero exit code. 126 consecutive sandbox jobs ran in testing with zero failures.
OSQuery handles live endpoint telemetry; Androguard inspects Android APKs and pefile analyzes Windows executables — giving ShieldPatch visibility into both system-level and file-level risk.
A Rasa + Gemini-powered chatbot, built directly into the dashboard, answers plain-language questions like "What is CVE-2024-12345?" or "How do I fix a buffer overflow?" — lowering the expertise bar for fast remediation.
Every confirmed patch, rejection and rollback is logged to MySQL and fed back into model retraining — so ShieldPatch's predictions sharpen over time.
| Frontend | React.js, Bootstrap, HTML5, CSS3 |
| Backend | Python (Flask) — RESTful API development & server logic |
| Database | MySQL — users, scan results, vulnerability data, patch logs |
| Scanning & Scripting | OSQuery for cross-platform scanning; PowerShell & Bash for detection / patch execution |
| File Analysis | Androguard (Android APKs), pefile (Windows executables) |
| ML / AI | Scikit-learn — TF-IDF vectoriser + Ridge / Random Forest / XGBoost regressors for exploit risk prediction |
| Threat Intel | Requests & BeautifulSoup — scraping live CVE / NVD / exploit feeds |
| Sandbox | Docker, VirtualBox — isolated patch testing & rollback |
| Chatbot | SentiVor — Rasa + Gemini API integration |
| Tooling | Git, VS Code, PyCharm, WebStorm |
Part of the capstone work involved benchmarking ShieldPatch's design against existing approaches in the literature — most solve one slice of the problem (scoring, scheduling, or prediction) but not the full real-time, contextual, automated loop.
| System | Automation | Real-time | Context-aware | Interface |
| EPSS | Low — manual analysis | ✖ | ✖ Limited | Dashboard only |
| SmartPatch | Partial — guided | ~ Semi | ~ System-level | Web-based |
| ILLATION (2024) | Moderate — model-based | ✔ | ✔ Asset-aware | CLI / Script |
| Hoque et al. (2021) | Offline only | ✖ | ✖ Limited | None |
| ShieldPatch | Fully automated | ✔ Real-time | ✔ Full contextual | Web dashboard + chatbot |
Three regressors were trained on TF-IDF vectors of ~2,058 cleaned CVE descriptions. Random Forest was shipped to production for its stability across vulnerability categories.
| Linear Regression | R² 0.81 · MSE 0.10 — fast, stable baseline |
| Random Forest | R² 0.81 · MSE 0.10 — shipped to production |
| XGBoost | R² 0.78 · MSE 0.12 — higher variance |
Tested live on a macOS host: ShieldPatch scanned the system, surfaced 1,989 open vulnerabilities, and patched 89% of them in the lab environment. Sample findings —
| CVE-2023-54321 | ExampleApp v1.2.3 — Risk Score 99, Critical |
| CVE-2024-12345 | OpenSSL — Risk Score 95, High · patched via Sandbox Job #125, 95% confidence |
| LocalDaemon | Risk Score 41, Medium |
This work is written up as an IEEE-formatted research paper, ShieldPatch: Predict. Protect. Prevail., grounded in a literature survey across ten papers — including FIRST.org's EPSS model, IEEE's work on cyber threat intelligence mining, and recent (2024–25) research on context-aware vulnerability prioritization and graph-based exploitability prediction. The full paper — methodology, architecture diagrams and benchmark results — is downloadable below.
A 5-language, multilingual agricultural platform delivering hyper-local, real-time crop recommendations using GPS-based geolocation and OpenWeather API integration. Built a normalized MySQL schema with RESTful Express.js APIs, and implemented ngx-translate for zero-page-reload language switching — significantly improving accessibility for rural users with diverse linguistic backgrounds.
A full-cycle web portal for bus pass registration, renewal and multi-level admin approval, with role-based access control, secure CRUD operations and data validation. Designed a normalized relational schema with server-side error handling and a responsive, accessible UI.
Based in Bengaluru, open to relocation and remote opportunities. Reach out for the full ShieldPatch IEEE paper, reference letters, or just to talk shop.