Sunil Gentyala is a Lead Cybersecurity and AI Security Consultant at HCLTech, where he leads an 11-person security team serving Fortune 500 clients including Uber, Disney, and Royal Caribbean. He serves as HCLTech's designated expert representative to the Cloud Security Alliance and is Security Architect and Framework Designer for HCLTech's AIDefendX initiative.
His research spans adversarial machine learning, Model Context Protocol (MCP) security, post-quantum cryptography, zero-knowledge proofs, and agentic AI governance. He is an IEEE Senior Member (No. 101760715), an active ISACA Professional Member, and holds the 2026 Cybersecurity Excellence Awards Bronze (Cybersecurity Professional of the Year).
He is the creator of open-source security frameworks including ContextGuard (zero-trust middleware for MCP security), the GSH Framework (agentic AI threat hunting mapped to MITRE ATLAS and NIST CSF 2.0), and AegisSwarm-Core (zero-trust governance for multi-agent AI networks), and has published across CSO Online, Dark Reading, SC World, Cyber Defense Magazine, BiometricUpdate.com, and the Cloud Security Alliance, with podcast features on Decoded: The Cybersecurity Podcast.
- Lead Cybersecurity and AI Security Consultant at HCLTech, managing Fortune 500 client security programs
- IEEE Senior Member (No. 101760715) with ORCID 0009-0005-2642-3479
- 9 peer-reviewed IEEE conference papers accepted in 2026, including one (CADLP) published on IEEE Xplore
- Applied research published with the Cloud Security Alliance on zero-trust architectures for multi-agent AI (June 2026)
- 2026 Cybersecurity Excellence Awards Bronze, Cybersecurity Professional of the Year
- Shortlisted, 2026 Cyber Security Influencer of the Year (Cyber Security Awards)
- National Cyber Awards Alan Turing Cyber Leadership Award nominee
- HCLTech designated expert representative to the Cloud Security Alliance
- 40+ open-source security and AI research projects spanning MCP security, post-quantum cryptography, zero-knowledge proofs, and agentic AI governance
- Active peer reviewer for IEEE, CSA, and international conferences
- Peer reviewer, Cyber Defense Review: peer-reviewed journal of the U.S. Army Cyber Institute at West Point (2026)
ContextGuard: Zero-trust middleware for Model Context Protocol (MCP) security
ContextGuard-MCP-PQC: Post-quantum security framework for MCP, hybrid ML-KEM/ML-DSA handshake hardening with HNDL and downgrade-attack proofs of concept (accepted, IEEE ICSCSA 2026)
GSH Framework: Gentyala-Sovereign Hunt, agentic AI threat hunting mapped to MITRE ATLAS and NIST CSF 2.0
AegisSwarm-Core: Zero-trust governance for autonomous multi-agent AI networks using SPIFFE/SPIRE identity, OPA/Rego policy-as-code, and semantic guardrail gateways, mapped to the CSA Agentic Trust Framework and OWASP Top 10 Agentic Risks. Companion research published by the Cloud Security Alliance
TRACE-MAS: Unified cryptographic framework securing multi-agent LLM pipelines against cascading drift, identity spoofing, prompt injection, and temporal adversarial attacks
SybilShield-Core: Composite trust scoring framework for Sybil attack mitigation in permissionless blockchain networks, 94%+ detection at 40% adversary density (accepted, IEEE ICICDS 2026)
CADLP: Context-aware DLP proxy that detects and redacts credentials, PII, and proprietary code before prompts reach external LLM APIs (published, IEEE Xplore)
DockerDNA: Layer-by-layer container security analysis, secrets detection (regex + Shannon entropy), docker-compose scanning, CIS Docker Benchmark v1.6 compliance, CycloneDX SBOM, and SARIF output
ArchForge: Open-source system design workbench with 60+ interactive patterns, a real-time capacity calculator, and AI/LLM architecture templates
ARGUS: Agentic multi-agent framework for autonomous LLM vulnerability discovery, CVSSv4.0 scoring, 8-framework compliance mapping, SARIF output, mapped to the OWASP LLM Top 10 (2025)
MarkSentry: Secure, local-first document-to-Markdown conversion with zero-trust input sanitization, multi-column PDF layout intelligence, LaTeX math conversion, and PII masking
AEGIS: Open-source, offline, bias-aware academic integrity checker, plagiarism, AI detection, LLM watermarking, citation hallucination, and ghostwriting analysis
LaptopAI-Agent: Fully local, privacy-first autonomous AI agent for laptop management, LangGraph reasoning loop, Ollama local LLM, ChromaDB RAG, MCP server, and a SHA-256 chained audit log
| Project | Description |
|---|---|
| ZKP-RA | Zero-knowledge proof reasoning anchors mitigating memory poisoning in autonomous agentic DeFi, Groth16 zk-SNARKs, 182 ms proofs |
| QuantumShieldEdge | Hybrid QKD-integrated federated learning for secure consumer IoT at the network edge (target venue, IEEE CCNC 2027) |
| cipher-mcp-pqc | Hybrid post-quantum governance framework for MCP, composite identity and protocol handshake hardening |
| VigilAgent | Security auditing CLI for AI-agent-authored code changesets, detects package hallucinations and indirect prompt injection |
| OmniRed | Multi-AI offensive security skills library for Claude, ChatGPT, Gemini, and Microsoft Copilot |
| api-gateway-governance | Policy-as-code framework for heterogeneous API gateway estates (Kong, AWS, Envoy), SPIFFE workload identity |
| local-rag-llm | Privacy-first, fully local RAG app, chat with PDFs/DOCX/TXT/CSV via Ollama, LangChain, and ChromaDB |
| crisp-framework | Four-layer defense against biometric injection attacks using TPM attestation, PQ-hybrid encryption, and ZK proofs |
| model-provenance-guard | Cryptographic provenance verification for ML model artifacts (Safetensors, GGUF, PyTorch) in CI/CD pipelines |
| PRANIDHI | Pre-prompt coaching framework for enterprise AI, teaches safe prompt rewriting instead of blocking |
| ReasonTree | Reasoning-based document retrieval using hierarchical tree indexing, no vector database required |
| cyberfuse-ci | Adversarially resilient vulnerability detection via heterogeneous multi-source data fusion and LLM-augmented reasoning |
| imm-ci-framework | IMM-CI self-assessment tool, companion to the IEEE SmartNets 2026 paper |
| awesome-ai-security | Curated collection of resources related to AI security |
| Paper | Venue |
|---|---|
| Contextual Sensitivity Classification and Utility-Preserving Redaction for Enterprise LLM Deployments (CADLP) | IEEE ICIRCA 2026 (published, IEEE Xplore) |
| SybilShield-Core: A Composite Trust Scoring Framework for Sybil Attack Mitigation in Permissionless Blockchain Networks | IEEE ICICDS 2026, Paper ID ICICDS-690 |
| A Post-Quantum Security Framework for Model Context Protocol Using ContextGuard | IEEE ICSCSA 2026 |
| The Metamorphosis of Access: Strategic Imperatives for Identity 3.0 and Zero Trust Integration in Critical Infrastructure | IEEE SmartNets 2026, EDAS #1571252869, introduces the IMM-CI maturity model |
| Governing Heterogeneous API Gateway Estates Through Policy-as-Code: An Engineering Management Perspective | IEEE TEMSCON GLOBAL 2026 |
| A Zero-Trust Supply Chain Security Framework for Model Context Protocol-Based AI Systems | IEEE ICCBI 2026 |
| AdaptFlow: A Self-Optimizing AI-Driven Data Pipeline Architecture for Real-Time Inference at Scale | IEEE ICETM 2026 |
| Temporal Probabilistic Modeling with Uncertainty-Aware LSTM Networks for Self-Aware Fault Detection and Prognostics in Autonomous Aerospace Systems | IEEE MetroAeroSpace 2026 |
| Adaptive Neural Control for Multi-UAV Swarm Coordination: Trajectory Tracking, Collision Avoidance, and Wind Disturbance Rejection | IEEE MetroAeroSpace 2026 |
Zero-Trust Data Pipelines for Enterprise AI Systems (DOI: 10.70589/JRTCSE.2026.14.2.2): JRTCSE, co-authored with Sunil Kumar Mudusu (Church Mutual Insurance)
A Post-Quantum Migration Taxonomy for Model Context Protocol: multi-venue paper (IEEE TIFS, ACM QSec, Elsevier FGCS) applying RFC 9794 PQ/T hybrid constructs to agentic AI infrastructure
LLM Jailbreak Survey: published to Zenodo (DOI: 10.5281/zenodo.19241166) and SSRN
Governing Agentic AI via MCP and COBIT 2019/NIST CSF 2.0: ISACA Journal, co-authored with Praveen Kumar Mannam (Salesforce), under review
Securing the Swarm: Governance, Attack Surfaces, and Zero-Trust Architectures in Multi-Agent AI Environments: Cloud Security Alliance, June 2026, reference implementation in AegisSwarm-Core
1,800+ MCP Servers Exposed Without Authentication: How Zero Trust Can Secure the AI Agent Revolution: CSO Online, May 2026, warns that over 1,800 unauthenticated MCP servers expose enterprise AI infrastructure to critical security risks
MCP is the Backdoor Your Zero-Trust Architecture Forgot to Close: SC World, March 2026, analysis of MCP security attack vectors, hidden AI attack surface, and zero-trust mitigations
The Sentinel Intelligence: A CISO's Guide to Sovereign Security in the Age of AGI: Cyber Defense Magazine, February 2026, introduces the Sentinel Intelligence (SI) architectural framework for countering agentic AI threats
Why 2025's Agentic AI Boom Is a CISO's Worst Nightmare: CSO Online, February 2026, examines indirect prompt injection, memory poisoning, and agentic denial-of-service exploits in enterprise AI deployments
Hardening Browser Security with Zero-Trust Controls: CSO Online, December 2025, six-principle browser-centric zero-trust framework with NIST SP 800-207 and CISA Maturity Model alignment
Beyond Silos: How DDI-AI Integration Is Redefining Cyber Resilience: CSO Online, November 2025, how DDI-AI integration transforms cybersecurity from reactive defense to predictive, automated threat detection
Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities: Dark Reading, expert commentary on browser-centric enforcement architecture and browser zero-trust adoption
Non-Stop Agentic AI Action Has Teams Assembling to Face the Threat: BiometricUpdate.com, May 2026, quoted on enterprise AI agent infrastructure security risks and deployment security gaps
Browser Zero Trust: Hardening Security Controls: Decoded: The Cybersecurity Podcast, December 2025 (41 min), full episode based on his CSO Online browser zero-trust article, also on Apple Podcasts
Security Domains
Frameworks & Standards
Cloud & Infrastructure
Languages & Tools
- IEEE Senior Member, No. 101760715
- ISACA Professional Member, ID 2297870 (active through December 2026)
- Cloud Security Alliance Expert Representative (HCLTech)
- ORCID: 0009-0005-2642-3479
- Web of Science Researcher ID: PQA-0496-2026
- BCS Fellow (Experiential route, completed)
- Zenodo DOI: 10.5281/zenodo.19241166
- #FoundryExpert across IDG/Foundry publications (CSO Online, CIO.com, Computerworld)