Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.

Academy

Module 7 · SAST, DAST, and Security in the CI/CD Pipeline

Why this module exists. SAST that produces 1000 false positives per scan trains developers to ignore findings. SAST tuned and triaged surfaces…

May 14, 2026 · 3 min read
Academy

Module 6 · Dependency Security and SBOM Management

Why this module exists. Your application’s CVE exposure is mostly in its dependencies, not its own code. Managing that exposure requires inventory,…

May 14, 2026 · 3 min read
Academy

Module 5 · Application-Level Cryptography — Avoiding the Common Mistakes

Why this module exists. Cryptographic primitives have safe defaults that produce safe outcomes if used correctly. Developers who deviate — even with…

May 14, 2026 · 3 min read
Academy

Module 4 · Authentication and Session Management — Modern Patterns

Why this module exists. Modern authentication is not “username + password + check the DB.” It is a stack of OAuth flows,…

May 14, 2026 · 3 min read
Academy

Module 3 · Input Validation and Output Encoding — Universal Defences

Why this module exists. The single highest-leverage developer education is the principle “structure separates code from data.” Input validation and output encoding…

May 14, 2026 · 5 min read
Academy

Module 7 · Vendor Audits — Conducting and Surviving Them

Why this module exists. Enterprise customers increasingly conduct annual security audits of their critical vendors. Done well by both parties, this is…

May 14, 2026 · 4 min read
Academy

Module 6 · RBI / SEBI / IRDAI Cyber Audit — Indian Regulator Patterns

Why this module exists. Indian regulated entities are audited by their sector regulator (RBI, SEBI, IRDAI, TRAI, etc.) on a different cadence…

May 14, 2026 · 3 min read
Academy

Module 5 · Continuous Control Testing and Automation

Why this module exists. Manual quarterly access reviews break the moment the security team is busy with anything else. Continuous control testing…

May 14, 2026 · 3 min read
Academy

Module 4 · SOC 2 Audit Preparation — Type I to Type II

Why this module exists. Most Indian SaaS companies aim for SOC 2 because their customers demand it. The discipline differs materially from…

May 14, 2026 · 4 min read
Academy

Module 3 · ISO 27001 Internal Audit — Pre-Certification Readiness

Why this module exists. ISO 27001:2022 has 93 Annex A controls grouped into four themes. The internal audit verifies these are implemented…

May 14, 2026 · 3 min read
1 14 15 16 17 18 91