Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.

Academy

Module 6 · Security Maturity Models — NIST CSF, ISO 27001, SAMM, CIS in Practice

Why this module exists. Every Indian enterprise we audit has a “maturity assessment” somewhere on file. Few have one that has been…

May 13, 2026 · 5 min read
Academy

Module 5 · Security Policy Architecture — Policy, Standard, Procedure, Baseline

Why this module exists. Auditors ask for “the policy.” Engineers want “the rule.” Both are right; they are asking different questions of…

May 13, 2026 · 4 min read
Academy

Module 4 · Risk Appetite Statement — Writing One That Drives Decisions

Why this module exists. Risk appetite is where governance meets engineering reality. Without a stated appetite, every risk decision becomes ad hoc…

May 13, 2026 · 5 min read
Academy

Module 3 · Board Reporting for Security — Metrics, Narrative, Cadence

Why this module exists. The board is not your peer audience. They are not security practitioners. The report that wins your peers’…

May 13, 2026 · 5 min read
Academy

Module 2 · First 90 Days as a Security Leader — The Practitioner Playbook

Why this module exists. CISO and security-leader transitions in Indian enterprises follow a predictable failure mode. The new leader arrives, the board…

May 13, 2026 · 4 min read
Academy

Module 22 · DCShadow — Stealth Domain Replication Abuse

Why this module exists. DCShadow is the textbook example of “stealth persistence”. An attacker with sufficient privileges does not need to keep…

May 13, 2026 · 6 min read
Academy

Module 21 · LAPS Bypass & Local Admin Password Strategy

Why this module exists. Before LAPS, the canonical AD post-exploitation move was: dump the local Administrator hash from any workstation, then Pass-the-Hash…

May 13, 2026 · 6 min read
Academy

Module 20 · AD Trust Relationships Deep Dive — Forest, External, Shortcut

Why this module exists. AD has six distinct trust types. Each has different transitivity, SID Filtering defaults, Kerberos behaviour, and attacker-reachable abuse…

May 13, 2026 · 5 min read
Academy

Module 19 · SID History Abuse & Cross-Forest Trust Attacks

Why this module exists. Forest trusts were Microsoft’s promise that the forest boundary was a hard security boundary. SID Filtering — enabled…

May 13, 2026 · 6 min read
Academy

Module 18 · AdminSDHolder & SDProp Persistence

Why this module exists. AdminSDHolder is one of the cleanest persistence primitives in AD because it abuses a feature, not a bug.…

May 13, 2026 · 5 min read
1 19 20 21 22 23 91