Cybersecurity, learned like a practitioner.

Intermediate Free

Disk Imaging — Forensically Sound Acquisition

Why this module exists. “We made a copy of the disk” is not the same as “we forensically imaged the disk.” The difference matters for evidence admissibility, chain of custody, and for the analyst three weeks later trying to reproduce a finding. This module is the practitioner-level disk imaging guide. What forensically sound actually means […]

May 13, 2026 30 min Open

Intermediate Free

Security Policy Architecture — Policy, Standard, Procedure, Baseline

Why this module exists. Auditors ask for “the policy.” Engineers want “the rule.” Both are right; they are asking different questions of different layers. A coherent policy architecture answers both without contradiction. This module is the four-layer model and the operational guidance for building each layer. The four-layer model Layer What it states Approval level […]

May 13, 2026 30 min Open

Intermediate Free

First 90 Days as a Security Leader — The Practitioner Playbook

Why this module exists. CISO and security-leader transitions in Indian enterprises follow a predictable failure mode. The new leader arrives, the board asks for an “assessment”, a 60-slide deck lands six weeks later, and the operational programme drifts for the entire honeymoon period. The disciplined version instead spends the first 90 days establishing five concrete […]

May 13, 2026 30 min Open

Active Directory Security Intermediate Free

LAPS Bypass & Local Admin Password Strategy

Why this module exists. Before LAPS, the canonical AD post-exploitation move was: dump the local Administrator hash from any workstation, then Pass-the-Hash to every other workstation in the estate. LAPS killed that move by making each machine’s password independent. But LAPS adoption is incomplete in Indian enterprises (typically 60-80% coverage in audits) and the ACLs […]

May 13, 2026 30 min Open

Intermediate Members

Quantum Key Distribution (QKD) — Hype vs Reality, and Why PQ Cryptography Wins

QKD uses photonics for physics-based key exchange. Marketing pitches it as uncrackable. Reality: dedicated fibre, expensive, doesnt authenticate, and ML-KEM solves the same problem cheaper. When QKD makes sense (rarely). Module 10.

May 8, 2026 30 min Open

Intermediate Members

Hybrid PQ Deployment — TLS, SSH, IPsec, S/MIME with Classical + ML-KEM Together

Run classical (X25519) + post-quantum (ML-KEM-768) in the same handshake. Adversary needs both to break. Concrete configs for nginx, OpenSSH, strongSwan, Cloudflare. Migration checklist. Module 9.

May 8, 2026 45 min Open

Intermediate Members

SLH-DSA (SPHINCS+) — Hash-Based Signatures for the Long Haul

SLH-DSA (FIPS 205) is the conservative hash-based PQ signature alternative — security rests on hash functions only, no lattice assumptions. When to use it (root CAs, firmware), when not to (TLS, JWT). Module 8.

May 8, 2026 35 min Open

Intermediate Members

ML-DSA (Dilithium) Signatures — Replacing RSA and ECDSA in Code Signing, JWT, and PKI

ML-DSA (FIPS 204) replaces RSA and ECDSA for digital signatures. How lattice signatures work, three security levels, size impact on TLS/JWT/code-signing, the migration playbook. Module 7.

May 8, 2026 40 min Open

Intermediate Members

ML-KEM (Kyber) Deep Dive — Lattice-Based Key Encapsulation Explained

ML-KEM (FIPS 203) is the NIST-standard PQ key exchange replacing RSA and ECDH. Lattice math at intuition level, three security levels, hybrid TLS 1.3 deployment with concrete nginx/Apache/HAProxy/Cloudflare config. Module 6.

May 8, 2026 40 min Open

AI / LLM Security — Beginner to Expert Intermediate Members

Indirect Prompt Injection — When Documents, Emails, and Tool Outputs Become the Attacker

Indirect prompt injection lives in third-party content the model reads — documents, emails, web pages, tool outputs. Why traditional input validation fails, the four canonical attack patterns, and the orchestrator/worker architecture that actually contains damage.

May 8, 2026 40 min Open