Practitioner-grade cybersecurity content
Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.
Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.
Latest articles
Most recent practitioner playbooks across every track.
Module 23 · Serverless Security — Functions, Event Sources, API Gateway
The serverless threat model. What you no longer manage: OS patches, container runtime, network firewall (mostly). What becomes more critical: function code,…
Academy Module 22 · Kubernetes Security at Production Scale
The four production K8s domains. Cluster security: API server, etcd, kubelet, control plane hardening. Workload security: Pod Security Standards, admission control, runtime…
Academy Module 21 · Cloud Workload Protection (CWPP) — VMs, Containers, Serverless
CWPP vs CSPM. CSPM: configuration of cloud resources; CWPP: what is running on those resources. CSPM: public buckets, broad SGs, unencrypted volumes; CWPP: malware,…
Academy Module 20 · Securing Multi-Cloud Architectures
Why organisations go multi-cloud. Resilience against single-provider outage. Regulator preference (RBI may prefer certain providers for specific workloads). Best-of-breed (Azure for M365…
Academy Module 19 · Cloud Security Posture Management (CSPM) at Production Scale
What CSPM tools do. Connect to cloud accounts via API; continuously enumerate resources and configurations; check against benchmark rules; report findings. Tool…
Academy Module 29 · Advanced JWT Attacks — Beyond Algorithm Confusion
Beyond alg=none and HS256 confusion. Module SC-4 covered the classic algorithm-confusion attacks. This module covers the advanced variants. KID header injection #…
Academy Module 28 · Web Cache Attacks — Deception, Poisoning, Key Confusion
Why cache attacks are different. Web applications use multiple cache layers: CDN edge cache, origin proxy cache, application cache. Each interprets URLs…
Academy Module 27 · WebSockets, SSE, WebRTC — Realtime Web Vulnerabilities
Why realtime channels need different testing. Persistent connection rather than request-response. Often bypass HTTP-aware controls (rate limit, WAF rules). Authentication happens at…
Academy Module 26 · Smart Contract Pentest Fundamentals for Web Testers
What is different about smart contracts. Immutable once deployed: no patch cycle (mostly). Find the bug, lose the funds. Public source code:…
Academy Module 25 · GraphQL Pentesting — Introspection, Authz, Query Abuse
Why GraphQL needs different testing. GraphQL provides a single endpoint that responds to flexible query shapes. The implications: Introspection lets the attacker…