Practitioner-grade cybersecurity content
Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.
Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.
Latest articles
Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.
SOC 2 vs ISO 27001 vs DPDP: Which Should an Indian SaaS Do First?
One of the most common questions an Indian SaaS founder asks us is deceptively simple: “Should we do SOC 2, ISO 27001,…
ComplianceSOC 2 Type 2 for Indian SaaS: The Realistic Roadmap (2026)
Every Indian SaaS company pitching to a US or European enterprise buyer hits the same wall. The procurement questionnaire arrives, and somewhere…
AcademyModule 8 · Incident Response Playbook
An incident response (IR) playbook is the written plan your team executes when things go wrong. Not the feature of a tool,…
AcademyModule 7 · Threat Hunting Workflow
Threat hunting is proactive — actively searching for adversary activity that automated detection missed. Unlike SOC triage (reactive, works from alerts), hunting…
AcademyModule 6 · Memory Forensics
Memory forensics is the discipline of examining volatile memory (RAM) to find evidence that disk-only forensics miss. Credentials cached in memory, in-memory…
AcademyModule 7 · Cloud Incident Response
Cloud incidents move fast. An attacker with a leaked access key can enumerate the account in minutes and begin exfiltration. Response time…
AcademyModule 6 · Cross-Account Attacks in AWS
Multi-account AWS (or multi-subscription Azure / multi-project GCP) is the norm. Production in one account, staging in another, security tooling in a…
AcademyModule 5 · Secrets Management
Every application has secrets — database passwords, API keys, TLS certs, encryption keys, third-party tokens. Where you store them determines whether a…
AcademyModule 13 · JWT Attacks
JSON Web Tokens (JWT) have become the default authentication token format in modern APIs. They’re compact, stateless, and when implemented correctly, secure.…
AcademyModule 12 · File Upload Vulnerabilities
File upload features are everywhere — profile pictures, document uploads, attachments, imports. They’re also one of the most frequently-exploited vulnerability classes, capable…