The latest articles on DEV Community by AYUSH SINGH (@ayush_singh_cc755d41995c8). https://dev.to/ayush_singh_cc755d41995c8 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3998105%2F86454144-8ba4-472c-83f0-f4e3a5a0c62b.jpeg https://dev.to/ayush_singh_cc755d41995c8 en AYUSH SINGH Tue, 23 Jun 2026 06:35:11 +0000 https://dev.to/ayush_singh_cc755d41995c8/i-built-a-threat-intelligence-rag-system-from-scratch-heres-what-actually-broke-p81 https://dev.to/ayush_singh_cc755d41995c8/i-built-a-threat-intelligence-rag-system-from-scratch-heres-what-actually-broke-p81 <p>CVE databases are massive. Searching them manually is painful. I wanted to ask plain English questions like "show me all critical RCE vulnerabilities from 2024" and get real answers — so I built a RAG system to do exactly that.</p> <p>The stack</p> <p>🔹 HuggingFace — embeddings<br> 🔹 FAISS — vector store<br> 🔹 Fully local LLM — no OpenAI costs<br> 🔹 AWS — deployment<br> What actually broke (and how I fixed it)</p> <p>The local LLM hallucinated CVE numbers confidently. FAISS retrieval returned irrelevant chunks when queries were too short. Chunking strategy mattered way more than I expected. I'll walk through each failure and the fix.</p> <p>What you'll learn</p> <p>How to build a RAG pipeline without relying on OpenAI, why chunking strategy is underrated, common failure modes in local LLMs, and how to deploy the whole thing to AWS.<br> Full article on Medium 👉 <a href="https://medium.com/p/e9efd48d1799/edit" rel="noopener noreferrer">https://medium.com/p/e9efd48d1799/edit</a><br> github: <a href="https://github.com/letshck/threat-intelligence-RAG" rel="noopener noreferrer">https://github.com/letshck/threat-intelligence-RAG</a></p> <p>Building in AI/security? I'd love to connect.</p> machinelearning rag llm cybersecurity