Practitioner-grade cybersecurity content
Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.
Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.
Latest articles
Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.
Module 3 · Microsoft 365 Security
Exchange + SharePoint + Teams + Power Platform hardening, Defender stack, Purview, IR in M365.
AcademyModule 2 · Azure Resource Hardening
RBAC hierarchy, network security, Storage/SQL/KeyVault hardening, Defender for Cloud, common misconfigurations.
AcademyModule 1 · Microsoft Entra ID Security
Roles, attack patterns (token theft, AitM, consent phishing), Conditional Access, PIM, hybrid AD considerations.
AcademyModule 14 · HTTP Request Smuggling
CL.TE / TE.CL / TE.TE, HTTP/2 downgrade smuggling, exploitation impacts, detection via timing, defenses.
AcademyModule 4 · Secrets Management at Scale
Vault, dynamic secrets, rotation strategies, CI/CD secrets, leak detection, multi-environment isolation, audit.
AcademyModule 3 · PKI Architecture
CAs, cert types, ACME, lifecycle, revocation, internal PKI, service mesh PKI, code signing, lifetime trends.
AcademyModule 2 · TLS in Practice
TLS 1.2/1.3, cipher suites, handshake, certificate validation, HSTS, CT, common misconfigurations, testing with testssl.sh.
AcademyModule 1 · Modern Cryptography Fundamentals
Symmetric, asymmetric, hashing, MACs, password hashing, RNG, libsodium, post-quantum status, the cardinal rule.
AcademyModule 5 · Internal Audit Programme
Independence, audit lifecycle, sampling, common audit areas, severity calibration, follow-through metrics.
AcademyModule 4 · Third-Party Risk Management
Vendor classification, assessment workflow, contractual provisions, continuous monitoring, India-specific regulations.