Hello, I'm
Varenya Sri Mudumba
Graduate Student at Texas A&M University. Building secure, scalable, and resilient software solutions.
Actively seeking Summer 2026 Internships in Security and Software Development.
About Me
I'm a CS graduate student at Texas A&M University (GPA 4.0/4.0) with hands-on industry experience from Zscaler, where I shipped features across cloud infrastructure, test automation, and secure access systems. Before that, I worked on hardware security research at NIT Durgapur, which led to an IEEE publication.
I'm drawn to hard problems at the boundary of security and systems, focusing on post-quantum cryptographic protocols, AI threat surfaces, and secure tools for software supply chains. I've shipped across the full stack: from low-level Rust cryptography to Go static analyzers to ML fine-tuning pipelines on HPC clusters.
Education
Working at the intersection of systems security and machine learning. I conduct research under Dr. Marcus Botacin's Lab focusing on malware analysis, system threat modeling, and streaming algorithms. Concurrently, I collaborate with the GAIA group in the Dept. of Soil & Crop Sciences, building transfer learning pipelines on HPRC clusters for precision agriculture.
Research assistant under Prof. Bibhash Sen's lab focusing on Hardware Trojan detection using optimization algorithms. Built a strong foundation in computer science, spanning digital systems, computer architecture, algorithms, and software engineering.
Technical Skills
Experience
Graduate Researcher
Texas A&M University, Dr. Marcus Botacin's Lab
Researching streaming algorithms for malware analysis to enable efficient and faster YARA rule generation. Testing and evaluating unique, novel, and mixed/hybrid detection algorithms.
Student Research Assistant
Texas A&M University, Dept. of Soil & Crop Sciences
Collaborating with the GAIA research group on digital agricultural challenges. I scale transfer learning models to analyze multi spectral soil data, leveraging High-Performance Computing (HPRC) clusters to process environmental data for precision agriculture, bridging the gap between deep learning research and practical, impactful application.
Software Development Engineer
Zscaler, Hyderabad, India
I played a pivotal role in supporting and enhancing our quality assurance infrastructure, joining a dedicated effort to build a custom Pytest-based monitoring system that runs over 900 daily regression tests. My contributions helped ensuring this system remained the backbone of our release cycle, catching regressions hours after code commits rather than days.
Beyond testing, I optimized our cloud infrastructure provisioning. By successfully integrating Terraform and Ansible automation into our team's workflow, I reduced the environment setup time from 18 hours to just 3, effectively unblocking the development team and accelerating our sprint velocity. I also championed high code quality, conducting rigorous reviews for over 70 PRs to ensure security and maintainability.
Associate Software Developer Engineer
Zscaler, Hyderabad, India
I focused on architectural consolidation and feature integration. I successfully migrated legacy modules into a unified, modern framework, which reduced technical debt and maintenance overhead by nearly 50%.
I also acted as a bridge between the Zscaler Private Access (ZPA) core team and internal application teams, integrating secure access features that were adopted by over 7 distinct internal groups, streamlining secure connectivity across the organization.
Software Developer Intern
Zscaler, Bangalore, India
During my internship, I automated the setup of our simulation environments ("sim-boxes") on AWS. I automated the lifecycle management of EC2 instances and secure storage via S3 and Secrets Manager, making the process 12 times faster.
Believing that "you can't fix what you can't see," I extended our monitoring capabilities using Kibana and OpenSearch to visualize over 1,000 system metrics, helping the team identify performance bottlenecks that were previously invisible.
Software Developer Intern
Athen Tech India, Hyderabad, India
Built a customer-facing chatbot from scratch using JavaScript in an era where there were no AI agent chatbots. Designed state-machine based conversation flows and integrated with backend APIs to offload routine queries from the support team, successfully resolving over 60% of common issues without human intervention.
Publications
Exploring the PSO-Driven Test Pattern Generation Approach for Hardware Trojan Detection
Mar 2024Authors: Sandip Chakraborty, Mudumba Sri Varenya, Anindan Mondal, Bibhash Sen
Conference: 2024 IEEE International Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI)
View DOIResearch & Development Projects
HMCP: Heimdall Model Context Protocol (Secure MCP Middleware)
Feb 2026Architected secure middleware for Model Context Protocol (MCP) servers and clients. Implemented a post-quantum Kyber-768/X25519 hybrid Key Encapsulation Mechanism (KEM) integrated into a Noise XX handshake. Built decentralized identifier (DID) identity verification, a 3-tier inputs sanitizer (detecting homoglyphs, mixed-script, and control characters), rate limiting, and semantic similarity guardrails to prevent injection, spoofing, and MITM attacks.
GPL: Graduated Penalty Loss for General Continual Learning
May 2026Designed a novel loss formulation mitigating catastrophic forgetting in continual learning. Engineered a phase-aware loss strictness scheduler driven by expected output entropy, combined with a Leitner-box retry-escalation mechanism mimicking physical learning models. Evaluated across TAMU HPRC clusters using synthetic datasets and GLUE benchmarks on BERT/GPT-2.
DepScan: Hybrid Dependency Upgrade Analysis Engine
Mar 2026Built a hybrid dependency upgrade analysis engine in Go combining native AST structural call-graph extraction with LLM reasoning (Gemini/Gemma) to evaluate upgrade safety. Natively parses Go, Python, and Node.js codebases to map relevant execution paths, filtering cosmetic diffs while flagging structural breaks, signature alterations, exception semantics, and call-chain removals. Features CI/CD integrations for GitHub Action annotations and Slack Block Kit webhooks.
LLM Self-Correction SFT (Fine-Tuning Study)
Apr 2026Fine-tuned and evaluated self-correction behaviors in LLMs. Executed LoRA SFT on Qwen2.5-Coder-7B-Instruct using CodeContests. Analyzed severe out-of-distribution performance shifts on HumanEval (57.93% vs 50.61% baseline), MBPP (4% vs 0%), and Codeforces (8.7% vs 0%), documenting the fragility of SFT correction patterns.
Cyber Risk of Shadow AI (Threat Modeling Study)
Apr 2026Conducted an enterprise threat modeling study mapping risks of unauthorized LLM use (Shadow AI) to industry frameworks (NIST CSF 2.0, NIST AI RMF, ISO/IEC 42001, OWASP Top 10 for LLMs). Defined multi-tiered mitigation controls including tenant restrictions, Semantic Prompt Firewalls, and sandboxed local RAG systems.
ZTBI: Zero Trust Browser Interface
Dec 2025Developed a secure browser extension running DistilBERT locally via ONNX Runtime Web. Engineered a Hybrid Scoring and Visibility Engine to detect prompt injections and sensitive PII leaks, defeating tag-splitting, indirect injection, and asynchronous exfiltration channels.
Achievements & Open Source
Open Source
- Merged 2 PRs into
qiskit-machine-learning(IBM Quantum) enhancing library functionality.
Vulnerability Research
- 7 vulnerabilities discovered and disclosed to vendors (representing a mix of individual findings and team research efforts). Hunting for new vulnerabilities is part of the exciting research, even if I cannot beat the mythos for now.
Competitive Programming
- Avid competitive programmer with a peak CodeChef rating of 1893 (achieved during the manual coding era, before AI autocomplete took over).
- Solved 500+ DSA problems across various platforms.
Security
- Active participant in CTF events, focusing on web exploits and practical cybersecurity challenges.
Leadership & Collaboration
Cross-Cultural Team Collaboration
Professional & Academic
At Zscaler, I collaborated closely with distributed engineering teams across Bangalore, Hyderabad, and the US, navigating time zones, aligning on technical specs, and shipping features together. I served as the integration point between the ZPA core team and 7 internal application groups, which meant a lot of async communication, clear documentation, and building trust across organizational boundaries.
At Texas A&M, I work alongside researchers and faculty from diverse international backgrounds within the GAIA group. Whether it's calibrating expectations on research timelines or aligning on ML experiment designs, I've found that the most productive collaborations happen when everyone feels heard, and I actively try to create that environment.
Class Representative
NIT Durgapur, Dept. of CSE
Led a cohort of 190+ students across 4 semesters, coordinating between faculty and students, resolving academic conflicts, and representing the class in departmental meetings. This wasn't just an admin role; it was about being the person people came to when something wasn't working, and figuring out how to fix it together.
Off the Clock
Chess Board
- Casual chess player with a peak rating of 989. Proven ability to solve chess positions on an actual physical board, not just on LeetCode.
Certified Otaku
- Completed 258+ series. (Subtle hint: Yes, this website's design elements and Conqueror's Haki effects are a direct tribute to One Piece).
Gaming
- Highly skilled in tactical coordination and observation across precision combat games and open-world gacha RPGs, maintaining top tier survival rates and quick reflexes.
Urban Explorer
- Logged 35,000+ steps in a single day (personal record). Traveled across 3 nations on Earth and 8 nations in Teyvat.