Practitioner-grade cybersecurity content
Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.
Latest articles
Most recent practitioner playbooks across every track.
Module 11 · IOC Hygiene
Buying IOC feeds is the easy part. Operationalising them without false positives is the hard part. IOC lifecycle Ingest from source Score…
Module 10 · OSINT for Actor Profiling
For sectoral and regional threat awareness, OSINT is invaluable. Sources Public threat reports — Mandiant, CrowdStrike, Microsoft, Recorded Future VirusTotal Intelligence —…
Module 9 · Attribution Methodology
“Who did this?” is often the wrong question. Attribution is hard, slow, and often inconclusive. Defenders mostly need TTP-level intel, not actor…
Module 8 · STIX & TAXII Standards
STIX = data format. TAXII = transport. Together: machine-readable threat intel sharing. STIX object types Indicator (the “what to look for”) Threat…
Module 7 · MITRE ATT&CK in Practice
MITRE ATT&CK is the de-facto common language. Operationalising it requires discipline. The structure Tactics (14) — adversary goals (Initial Access, Execution, Persistence,…
Module 6 · The Pyramid of Pain
Covered briefly in Blue Team Module 6. This is the deeper dive. The pyramid Hash values — recompile, hash changes IPs —…
Module 15 · Red Team Engagement Management
Red team is high-risk consulting. A bad engagement can crash production, leak data, breach contracts. Discipline matters. Rules of Engagement (ROE) Authorized…
Module 14 · Red-to-Purple Handoff
One-shot red team engagement: report → file in drawer. Purple-team handoff: report → workshop → detections built. The latter is what produces…
Module 13 · Red Team Reporting
The report is the deliverable. A great engagement with poor reporting fails to drive change. Three audiences Executives — what could happen;…
Module 12 · Data Exfiltration Techniques
Data exfiltration is the goal of most non-ransomware attacks. Network defenders should know patterns. Common channels HTTPS to attacker domain — most…