Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.

Module 6 · API Discovery & Inventory

Why this module. Most enterprises have 30-60% more APIs than their security team knows about. Shadow APIs (unauthorised), zombie APIs (deprecated but…

Apr 27, 2026 · 1 min read

Academy

Module 15 · DevSecOps Metrics & Maturity

Why this module. Engineering teams measure DORA. Security teams measure CVE backlog. DevSecOps requires a unified metric set — measuring how secure…

Apr 27, 2026 · 2 min read

Academy

Module 14 · Shift-Right Security — Runtime Defence

Why this module. “Shift-left” — find security issues earlier — became dogma. But shift-left has limits: bugs ship anyway, dependencies have CVEs…

Apr 27, 2026 · 2 min read

Academy

Module 13 · Vulnerability Triage at Scale

Why this module. A typical enterprise scan returns 50,000+ CVEs across servers, containers, dependencies. Trying to “fix all critical/high” is mathematically impossible…

Apr 27, 2026 · 2 min read

Academy

Module 12 · Security Champions Programme

Why this module. A security team can’t be in every code review, every architecture meeting, every incident discussion. Security Champions are embedded…

Apr 27, 2026 · 2 min read

Academy

Module 11 · SLSA Levels & Build Provenance

Why this module. 2020 SolarWinds taught the industry that “we trust our build pipeline” is no longer enough. SLSA (Supply-chain Levels for…

Apr 27, 2026 · 2 min read

Academy

Module 10 · Threat Modelling for Engineers (STRIDE/LINDDUN)

Why this module. Threat modelling has a reputation as a heavyweight, consultant-driven exercise. It doesn’t have to be. Done right, it’s a…

Apr 27, 2026 · 2 min read

Academy

Module 9 · Dependency Management & Renovate

Why this module. 80% of application code is third-party dependencies. Each is a CVE waiting to happen. Manual updates don’t scale; automated…

Apr 27, 2026 · 2 min read

Academy

Module 8 · Pre-Commit Hooks for Security

Why this module. The cheapest security check is the one that runs on the developer’s laptop before code ever reaches CI. Pre-commit…

Apr 27, 2026 · 2 min read

Academy

Module 7 · Secret Scanning in Code Repos

Why this module. Engineers commit secrets. AWS keys, API tokens, database passwords end up in Git, often in .env.example files that were…

Apr 27, 2026 · 2 min read

← Newer 1 … 48 49 50 51 52 … 91 Older →