Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.

Academy

Module 14 · DPDP × RBI / SEBI / IRDAI / GDPR Mapping

Why this module exists. Indian regulated entities don’t operate under DPDP alone. RBI Cyber Framework, SEBI CSCRF, IRDAI guidelines, ABDM, plus international…

Apr 27, 2026 · 3 min read
Academy

Module 13 · DPDP Audit Readiness — DPB Inspection Playbook

Why this module exists. The Data Protection Board has inspection powers under §28. When the DPB shows up — physically or via…

Apr 27, 2026 · 3 min read
Academy

Module 12 · DPDP for SaaS — Building DPDP-Compliant Indian SaaS

Why this module exists. Indian SaaS companies are growing 30% YoY and most are scaling faster than their compliance posture. Founders wait…

Apr 27, 2026 · 4 min read
Academy

Module 11 · DPDP Penalties, Adjudication & Appeals

Why this module exists. “How much can DPDP fines actually be?” The answer depends on the specific violation, the harm caused, and…

Apr 27, 2026 · 3 min read
Academy

Module 10 · Children’s Data Under DPDP §9

Why this module exists. DPDP §9 is the strictest section of the Act. It prohibits behavioural tracking of children, prohibits targeted advertising…

Apr 27, 2026 · 4 min read
Academy

Module 9 · DPIA — Data Protection Impact Assessment Under DPDP

Why this module exists. §10(2)(c) requires Significant Data Fiduciaries (SDFs) to conduct DPIAs. The Rules (when published) will likely extend DPIA expectations…

Apr 27, 2026 · 3 min read
Academy

Module 8 · Data Retention & Erasure — DPDP §8(7) and §12

Why this module exists. “How long do we keep customer data?” is the question that has the most-wrong answers in Indian SaaS.…

Apr 27, 2026 · 3 min read
Academy

Module 7 · Vendor & Data Processor Management Under DPDP §8(7)

Why this module exists. DPDP §8(7) requires every Data Fiduciary to enter into a contract with every Data Processor. The contract must…

Apr 27, 2026 · 4 min read
Academy

Module 6 · Cross-Border Data Transfers — DPDP §16 in Practice

Why this module exists. DPDP §16 is the section every Indian SaaS founder argues with their legal team about. “Can we use…

Apr 27, 2026 · 4 min read
Academy

Module 5 · Data Subject Rights — Building the DSR Workflow

Why this module exists. DPDP Sections 11, 12, 13 grant Data Principals four rights: access, correction, erasure, grievance redress. Every Data Fiduciary…

Apr 27, 2026 · 4 min read
1 50 51 52 53 54 91