Cybersecurity, learned like a practitioner.

Blue Team / SOC Operations Advanced Free

Insider Threat Detection

Why this module exists. External attackers get the headlines; insiders cause more breaches by volume. Verizon DBIR consistently shows ~20% of breaches are insider-driven (deliberate + accidental combined). Detecting them requires different signals from external-attack detection, and operating in the privacy-respecting envelope DPDP / labour law / cultural norms allow. The insider-threat taxonomy Malicious insider […]

Apr 27, 2026 30 min Open

Blue Team / SOC Operations Intermediate Free

Email Security & Phishing Triage

Why this module exists. Email is still the primary initial-access vector in 2026. Verizon DBIR: ~30% of breaches start with phishing. Modern phishing is sophisticated (AI-generated content, MFA-aware), and email-security tools have advanced (sandboxing, behavioural detection, DMARC enforcement). Defenders who haven’t kept pace have a 2018-grade email defence. The four phishing variants you’ll see Bulk […]

Apr 27, 2026 30 min Open

Blue Team / SOC Operations Advanced Free

Incident Response Lifecycle — NIST + SANS in Practice

Why this module exists. Every CISO knows the NIST IR lifecycle (Prepare, Identify, Contain, Eradicate, Recover, Lessons Learned). Few have actually executed it under pressure. The translation from textbook diagram to “the breach is happening, what do we do at 02:30 IST” is what separates exercises from outcomes. The lifecycle in operational terms Phase What […]

Apr 27, 2026 35 min Open

Blue Team / SOC Operations Intermediate Free

Log Management at Scale — Patterns and Pitfalls

Why this module exists. Logs are the SOC’s primary data. Bad log architecture means missed detections, slow investigations, and impossible audit response. Good architecture means hunts complete in seconds and forensic timelines reconstruct in hours. The difference is mostly upfront planning. The log-management problem in 2026 numbers A medium Indian enterprise (5,000 endpoints, 200 servers, […]

Apr 27, 2026 30 min Open

Blue Team / SOC Operations Intermediate Free

SOAR Playbooks — Practical Automation

Why this module exists. SOAR (Security Orchestration, Automation, Response) is the highest-leverage SOC investment after a competent SIEM. Done right, it cuts MTTR by 60-80%. Done wrong, it generates false confidence (“our automation handled it”) while alerts pile up in queues. The difference is playbook design discipline. What SOAR actually does Three layers of automation: […]

Apr 27, 2026 30 min Open

DPDP Compliance Practitioner Intermediate Free

Data Subject Rights — Building the DSR Workflow

Why this module exists. DPDP Sections 11, 12, 13 grant Data Principals four rights: access, correction, erasure, grievance redress. Every Data Fiduciary must have a workflow to honour these. The workflow is where most Indian businesses fail — they have a privacy notice, no DSR pipeline, and a 7-day deadline they can’t meet. The four […]

Apr 27, 2026 35 min Open

DPDP Compliance Practitioner Intermediate Free

Cross-Border Data Transfers — DPDP §16 in Practice

Why this module exists. DPDP §16 is the section every Indian SaaS founder argues with their legal team about. “Can we use AWS US?” “Can we send data to our analytics team in Singapore?” “What about Stripe?” The answers depend on where you are sectorally and what mechanism you use. Most enterprises operate in a […]

Apr 27, 2026 30 min Open

DPDP Compliance Practitioner Intermediate Free

Vendor & Data Processor Management Under DPDP §8(7)

Why this module exists. DPDP §8(7) requires every Data Fiduciary to enter into a contract with every Data Processor. The contract must contain specific elements, and the Data Fiduciary remains liable for processor failures. Most Indian businesses signed vendor agreements years ago; few of those agreements meet §8(7). This module is the rebuild playbook. Who […]

Apr 27, 2026 30 min Open

DPDP Compliance Practitioner Intermediate Free

Data Retention & Erasure — DPDP §8(7) and §12

Why this module exists. “How long do we keep customer data?” is the question that has the most-wrong answers in Indian SaaS. The right answer is structured: per-data-category retention, with sectoral overrides, with erasure capability for data principals. Implementing this requires both legal mapping and engineering work. The DPDP retention principle §8(7)(d): “the personal data […]

Apr 27, 2026 30 min Open

DPDP Compliance Practitioner Advanced Free

DPIA — Data Protection Impact Assessment Under DPDP

Why this module exists. §10(2)(c) requires Significant Data Fiduciaries (SDFs) to conduct DPIAs. The Rules (when published) will likely extend DPIA expectations to high-risk processing by all Data Fiduciaries. Most Indian businesses have never done one. The methodology is more practical than the legal text suggests. What a DPIA is A structured assessment of a […]

Apr 27, 2026 35 min Open