Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.

Module 12 · Security Awareness Training

Annual click-through training is theatre. Modern awareness is continuous, simulated, measured. The programme Onboarding — security 101 within first week Quarterly refresh…

Apr 27, 2026 · 1 min read

Academy

Module 10 · Vendor Risk Management Programme

Module 7 (DPDP track) covered DPA-specific. This is the broader vendor-risk programme. Programme components Vendor classification (tier 1/2/3 by data sensitivity, criticality)…

Apr 27, 2026 · 1 min read

Academy

Module 9 · Enterprise Risk Register

Risk register = single source of truth for organisational security risks. Too often a spreadsheet that nobody reads. Done right, drives quarterly…

Apr 27, 2026 · 1 min read

Academy

Module 8 · Policy Architecture

Most security policies are written, ignored, retrieved only for audits. The structure that actually drives behaviour: Three layers Policy — what we…

Apr 27, 2026 · 1 min read

Academy

Module 7 · SOC 2 Type II — Indian SaaS Reality

SOC 2 isn’t a certification — it’s an attestation. CPA opines on your controls. Indian SaaS selling to US customers will have…

Apr 27, 2026 · 1 min read

Academy

Module 6 · ISO 27001:2022 Implementation

ISO 27001:2022 is the global infosec standard. Indian SaaS that sells to enterprise customers needs it. The ISMS lifecycle Define scope (which…

Apr 27, 2026 · 1 min read

Academy

Module 15 · IoT Penetration Testing Methodology

IoT pentesting spans more layers than typical web. Methodology to cover all of them. Phases Reconnaissance — manuals, FCC IDs, FCC database,…

Apr 27, 2026 · 1 min read

Academy

Module 14 · IoT Cloud Integration Security

Modern IoT goes cloud. Cloud security + IoT security overlap. Patterns Device identity — per-device X.509 cert (best); shared key (acceptable); password…

Apr 27, 2026 · 1 min read

Academy

Module 13 · IoT Supply Chain Risk

IoT devices ship with security debt. Default creds, no update mechanism, hardcoded keys. Supply chain compounds it. Issues Default credentials never changed…

Apr 27, 2026 · 1 min read

Academy

Module 12 · OT Incident Response

OT IR differs from IT IR. Safety supersedes investigation. Containment can mean physical action, not just network isolation. Differences Safety first; never…

Apr 27, 2026 · 1 min read

← Newer 1 … 41 42 43 44 45 … 91 Older →