Practitioner-grade cybersecurity content
Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.
Latest articles
Most recent practitioner playbooks across every track.
Scenario Brief: Anatomy of a High-Risk Patch Tuesday for Windows Estate Defenders
Tabletop-ready scenario: a hypothetical Patch Tuesday with twin Print Spooler bugs echoing PrintNightmare. Domain-controller priority and SOC detection workflow.
Cloud Security
Scenario Brief: How Post-Quantum TLS Could Roll Out Across UPI Infrastructure
Tabletop-ready forecast: an illustrative roadmap for ML-KEM-based hybrid TLS across UPI switch-to-issuer links and the CIO action plan around cryptography inventory.
Compliance
Scenario Brief: Tracking SBOM Readiness Among SEBI-Regulated Intermediaries
Tabletop-ready compliance scenario: where stockbrokers and depository participants stand against the SEBI CSCRF Phase 2 SBOM requirement and the 30-day sprint plan.
Incident Response
Scenario Brief: Ransomware Tradecraft Against Indian Hospitals via Unpatched Backups
Tabletop-ready scenario: ransomware affiliates targeting Veeam backup servers as initial access. ABDM propagation risk and the hospital defender checklist.
Cloud Security
Scenario Brief: Pod Escape via Cgroup Namespace TOCTOU — A Containerd Threat Model
Tabletop-ready scenario: a hypothetical containerd pod-escape via TOCTOU race. Why baseline Pod Security Admission is no longer enough and what to harden.
Compliance
Scenario Brief: What Tighter RBI Cyber Master Direction Controls Would Mean for PSOs
Tabletop-ready regulatory scenario: continuous control monitoring, board-level cyber risk committees, and a 4-hour SLA on critical incident notification for PSOs.
AI Security
Scenario Brief: MCP SDK Authentication Bypass — Tradecraft and Mitigation
Tabletop-ready scenario: a hypothetical auth-bypass in the Model Context Protocol reference SDK. What an MCP server compromise looks like and how to…
Compliance
Scenario Brief: How a DPDP Penalty for S3 Misconfiguration Could Unfold
Tabletop-ready compliance scenario: how a public S3 bucket leaking identity documents could lead to a major DPDP Board penalty, and what Data…
AI Security
Scenario Brief: AI-Powered Phishing Tradecraft Targeting Indian Fintech
Tabletop-ready threat scenario: LLM-generated spear-phish plus deepfake voice calls against Indian payment aggregators. Kill chain, detection signals, and CISO actions.
Incident Response
Scenario Brief: Critical OpenSSL Use-After-Free Reachable via TLS 1.3 Session Resumption
Tabletop-ready threat scenario: a hypothetical CVSS 9.8 use-after-free in OpenSSL TLS 1.3 session resumption. Indian BFSI patch-priority and incident-reporting drill.