Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Latest articles

Most recent practitioner playbooks across every track.

Academy

Module 6 · Container & Image Scanning

Why this module. Every container starts from a base image with hundreds of packages, most of which the application doesn’t use, all…

Apr 27, 2026 · 2 min read
Academy

Module 15 · Purple Teaming Methodology

Why this module exists. Red teams find what defenders missed. Blue teams build detections. Purple teams put both in the same room…

Apr 27, 2026 · 3 min read
Academy

Module 14 · Threat Intelligence Operations

Why this module exists. Threat intelligence is one of the most-purchased and least-utilised security investments. Companies subscribe to feeds that nobody reads,…

Apr 27, 2026 · 3 min read
Academy

Module 13 · SOC Metrics & MTTR Reduction

Why this module exists. “Is our SOC effective?” CISOs need a measurable answer. Common metrics — alert volume, ticket count — measure…

Apr 27, 2026 · 3 min read
Academy

Module 12 · DNS-Based Detection Strategy

Why this module exists. Almost every internet attack starts with a DNS query — beaconing to C2, exfiltration via DNS tunneling, phishing-link…

Apr 27, 2026 · 3 min read
Academy

Module 11 · Email Security & Phishing Triage

Why this module exists. Email is still the primary initial-access vector in 2026. Verizon DBIR: ~30% of breaches start with phishing. Modern…

Apr 27, 2026 · 3 min read
Academy

Module 10 · Insider Threat Detection

Why this module exists. External attackers get the headlines; insiders cause more breaches by volume. Verizon DBIR consistently shows ~20% of breaches…

Apr 27, 2026 · 3 min read
Academy

Module 9 · SOAR Playbooks — Practical Automation

Why this module exists. SOAR (Security Orchestration, Automation, Response) is the highest-leverage SOC investment after a competent SIEM. Done right, it cuts…

Apr 27, 2026 · 3 min read
Academy

Module 8 · Log Management at Scale — Patterns and Pitfalls

Why this module exists. Logs are the SOC’s primary data. Bad log architecture means missed detections, slow investigations, and impossible audit response.…

Apr 27, 2026 · 3 min read
Academy

Module 7 · Incident Response Lifecycle — NIST + SANS in Practice

Why this module exists. Every CISO knows the NIST IR lifecycle (Prepare, Identify, Contain, Eradicate, Recover, Lessons Learned). Few have actually executed…

Apr 27, 2026 · 3 min read