Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.

Security Guides

Threat Modeling for Multi-Tenant SaaS: The Isolation Boundary Problem

Multi-tenancy is not a security feature. It is an architectural choice with security consequences. Every B2B SaaS that shares compute, storage, or…

Apr 20, 2026 · 7 min read
Security Guides

API Threat Modeling: From OpenAPI Spec to Attack Surface Map

APIs are where most SaaS breaches happen, and threat modeling is where most SaaS teams stop before reaching APIs. Developers who understand…

Apr 20, 2026 · 7 min read
Security Guides

Threat Modeling for SaaS: STRIDE Applied to a Real B2B Product

Most B2B SaaS companies we work with have heard of STRIDE. Far fewer have actually threat-modeled a real product feature under production…

Apr 20, 2026 · 7 min read
DPDP Compliance

Incident Response Runbook: Data Exfiltration Under DPDP (India)

Data exfiltration incidents were difficult enough before the DPDP Act 2023. Now they carry statutory teeth: notification obligations to the Data Protection…

Apr 20, 2026 · 7 min read
Security Guides

Incident Response Runbook: Credential Compromise & Session Hijack

Credential compromise rarely announces itself. Ransomware comes with a note; credential theft comes with a successful login from an unexpected IP, an…

Apr 20, 2026 · 7 min read
Security Guides

Incident Response Runbook: Ransomware (Enterprise)

A ransomware incident does not give you time to plan. The first hour sets the trajectory of the next ninety days. Organizations…

Apr 20, 2026 · 6 min read
Compliance

ISO 27001 Internal Audit: A Practitioner’s Checklist

Internal audit is the clause of ISO 27001 that fails silently. Startups complete the Annex A controls, draft the policy library, run…

Apr 20, 2026 · 7 min read
Compliance

ISO 27001 Statement of Applicability (SoA): How to Actually Write One

The Statement of Applicability (SoA) is the single document that separates a real ISO 27001 implementation from a cosmetic one. Every certification…

Apr 20, 2026 · 7 min read
Compliance

ISO 27001:2022 Implementation for Indian Startups: A No-BS Guide

ISO 27001:2022 is the framework every Indian startup claims to want and few actually finish. Founders procure the certificate thinking it is…

Apr 20, 2026 · 7 min read
Compliance

SOC 2 Readiness Assessment: The 90-Day Playbook

A readiness assessment is the part of SOC 2 that determines whether your first audit is painful or boring. Get it right…

Apr 20, 2026 · 7 min read
1 79 80 81 82 83 91