Practitioner-grade cybersecurity content
Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.
Latest articles
Most recent practitioner playbooks across every track.
Load Balancers, Reverse Proxies, and the L7 Stack
A load balancer distributes traffic across backend servers. A reverse proxy sits in front of backend servers, terminating client connections, often inspecting…
Academy: Network Segmentation — VLANs, VRFs, Microsegmentation, and the Tiers Auditors Actually Look For
Segmentation is splitting your network into zones with controlled traffic between them. Done well it slows lateral movement, reduces blast radius, and…
Academy: NAT, PAT, and the IPv4 Internet’s Duct Tape
Network Address Translation maps private IPv4 addresses to public ones, allowing many devices to share a single public IP. PAT (Port Address…
Academy: TLS 1.3 — Inside the Handshake, Byte by Byte
TLS 1.3 (RFC 8446) is the modern transport-security protocol every browser, API, and increasingly every database now speaks. Compared to TLS 1.2…
Academy: DNS — From Resolution to Tunneling, Cache Poisoning, and DoH-Driven Bypass
DNS is unauthenticated, mostly unencrypted, and the precondition for every connection on the Internet. This module walks through how a query actually…
News: CrowdStrike Falcon Outage July 2024 — How a Channel-File Update Broke 8.5 Million Windows Machines: Root Cause & Lessons
A CrowdStrike Falcon Sensor channel-file update caused approximately 8.5 million Windows machines worldwide to crash into Blue Screen of Death loops, grounding…
News: MOVEit Transfer Cl0p Campaign 2023 — How a SQL Injection in a File-Transfer Tool Hit 2,700 Organisations: Anatomy of a Modern Supply-Chain Breach
A pre-authentication SQL injection zero-day in Progress Software's MOVEit Transfer enabled the Cl0p ransomware affiliate group to exfiltrate data from over 2,700…
Academy: Application Security Programme and WAF Tuning
Building an AppSec programme that scales — maturity ladder, security champions, CI/CD security pipeline, tooling baseline, metrics, bug bounty, threat modelling integration.
Academy: Secure Coding Across Languages
Language-specific secure-coding patterns — Python, Node/TS, Java, Go, Rust, PHP. Common pitfalls, safe alternatives, crypto patterns, dependency scanning.
Academy: Reverse Engineering and Malware Analysis
Static and dynamic RE workflow, Ghidra/IDA/Binary Ninja, packers, anti-analysis bypass, sandbox setup, YARA-rule writing — turning unknown binaries into hunting queries.