Cybersecurity, learned like a practitioner .

Mobile Static Analysis — APK & IPA

Mobile pentesting starts with the binary. APK and IPA files contain code, resources, configuration, often secrets. Android — APK analysis # Extract APK apktool d app.apk -o app-extracted # Decompile to Java jadx -d output app.apk # Run automated MobSF scan docker run -p 8000:8000 opensecurity/mobile-security-framework-mobsf # Upload APK; get full report iOS — IPA […]

Apr 27, 2026 25 min Open

Android Keystore & Secure Storage

Android Keystore generates and stores cryptographic keys in hardware (TEE / StrongBox on supported devices). Apps that store secrets correctly use it; many don’t. The hierarchy SharedPreferences — plaintext file in app sandbox. NOT secure. EncryptedSharedPreferences — wraps with key from Keystore. Standard. Keystore-bound key — never leaves hardware. Highest security. Biometric-bound key — only […]

iOS Keychain & Data Protection

iOS Keychain is hardware-backed. Data Protection classes determine when items are accessible. Data Protection classes kSecAttrAccessibleWhenUnlocked — accessible only when device unlocked. Default for new items. kSecAttrAccessibleAfterFirstUnlock — after first unlock until reboot. For background tasks. kSecAttrAccessibleAlways — anytime. AVOID; deprecated. WhenPasscodeSet variants — only if user has passcode set; deletes if passcode removed. WhenUnlockedThisDeviceOnly […]

Deep Links & URL Schemes

Deep links let other apps invoke yours. Misimplemented, they become attack vectors: open phishing pages, leak tokens, hijack flows. Two patterns Custom URL schemes (myapp://login) — any app can register; squatter wins. Insecure. Universal Links (iOS) / App Links (Android) — domain-verified via well-known file. Only your app handles the URL. App Links setup Android: […]

Windows Hardening — GPO Baseline

Microsoft publishes Security Baselines for Windows Server and Windows 10/11. Adoption rate in Indian enterprises: low. The Microsoft Security Baseline Free GPO templates from Microsoft. Includes 200+ settings tuned for security. Apply via Group Policy or Intune. High-impact specific settings Credential Guard on Windows 10/11/Server 2019+ Application Control (WDAC) / AppLocker BitLocker with TPM + […]

Apr 27, 2026 25 min Open

macOS Security in Enterprise

macOS isn’t niche anymore. Most Indian SaaS startups have 30-50% Macs. Security model differs from Windows. Native protections Gatekeeper — only signed/notarised apps run by default XProtect — Apple’s anti-malware System Integrity Protection (SIP) — even root can’t modify protected paths FileVault — full-disk encryption App Sandbox + Hardened Runtime — for App Store apps […]

Disaster Recovery — RTO, RPO, Tabletop

Backups are the last line. They are also the prime target — modern ransomware encrypts backups before triggering payload. DR design must assume backups are attacker-accessible. RTO and RPO defined RTO (Recovery Time Objective) — how long you can be down RPO (Recovery Point Objective) — how much data you can lose Per-system RTO/RPO. Critical: […]

Apr 27, 2026 25 min Open

Vulnerability Management Programme

Module 13 (DevSecOps) covered triage. This module is the program around it. Programme components Asset inventory — what to scan; tagged with owner, criticality Scanning cadence — Tenable / Qualys / Rapid7 weekly for infrastructure; daily for cloud (CSPM) Triage process — EPSS + KEV + reachability Patch SLAs — by criticality and exposure Exception […]

Asset Inventory at Scale

Asset inventory is the unsexy foundation of every other security control. Without it, vuln management, IR, audit response all fail. What “asset” means in 2026 Physical and virtual servers Endpoints (laptops, desktops) Mobile devices Cloud accounts, projects, subscriptions Cloud resources (instances, storage, databases, functions) Containers and Kubernetes workloads Internet-exposed services (per Module 6, API track) […]